820cd49c04ba18c4979cd01102adbea875f5bcf26d262671bd13f4f8f81b91f9

Sharing

Copy URL Twitter E-mail

General

Target

820cd49c04ba18c4979cd01102adbea875f5bcf26d262671bd13f4f8f81b91f9
Size

959KB
MD5

dfdab8cd7fc1645a6a526348ead3a91b
SHA1

13ea4464a0f8214f90e3591e290a1b4e3d4fbe6b
SHA256

820cd49c04ba18c4979cd01102adbea875f5bcf26d262671bd13f4f8f81b91f9
SHA512

d634028e11730eae8681b1da3726183d975f5312288bb2e5823c9969813ccb3025a9207a2cb3c4d77a38bc29e83bb86783dc9625c5b288bb8d58561918133ddb
SSDEEP

12288:oihQniGIMtCYagzOQDZCqB1zKHlYm8zijysCqs:oihQnR0Zgye1uH6m8TsC

Score

N/A

Malware Config

Signatures

Files

820cd49c04ba18c4979cd01102adbea875f5bcf26d262671bd13f4f8f81b91f9
.exe windows x86

35960e47855fa405e64dec1d309753a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
lstrcmpiW
lstrcatW
WritePrivateProfileSectionW
WriteFile
WideCharToMultiByte
UnhandledExceptionFilter
TerminateProcess
SystemTimeToFileTime
SetUnhandledExceptionFilter
SetLastError
QueryPerformanceCounter
LocalFree
LocalAlloc
InterlockedIncrement
InterlockedDecrement
GetWindowsDirectoryW
GetSystemTimeAsFileTime
GetSystemDirectoryW
GetSystemDefaultLCID
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileSectionW
GetModuleFileNameW
GetLocalTime
GetExitCodeProcess
GetCurrentProcess
GetModuleHandleW
FreeLibrary
FormatMessageW
FileTimeToSystemTime
DeleteFileW
CreateFileW
CloseHandle
GetStartupInfoA
lstrlenA
GetCommandLineA
GetLastError
GetModuleHandleA
GetFileAttributesW
GetTickCount
GetVersion
HeapAlloc
VirtualAllocEx
GetProcessHeap
GetCurrentThreadId
GetCommandLineW
GlobalAlloc
LoadLibraryW
lstrlenW
GetDriveTypeA
GetCurrentProcessId
Sleep
GetFileAttributesA
GetDriveTypeW
LoadLibraryA

user32

MsgWaitForMultipleObjects
DispatchMessageW
LoadIconW
GetSystemMetrics
ShowWindow
LoadBitmapW
GetParent
LoadBitmapA
GetSysColor
IsDlgButtonChecked
LoadIconA
PeekMessageW
UpdateWindow
GetDlgItem
SendMessageA
IsWindowVisible
DestroyIcon
GetKeyState
GetMenu
EnableMenuItem
IsWindow
GetDC
SendMessageW
wsprintfW
DestroyWindow

gdi32

GdiFlush
DeleteMetaFile
DeleteObject
GetGraphicsMode
CreatePatternBrush
AddFontResourceW
CreateCompatibleDC
DeleteEnhMetaFile
GetEnhMetaFileW
CreateMetaFileW
GetBkColor
CreateHalftonePalette
GetDCPenColor
SetTextAlign
GetBkMode
CloseMetaFile
CreateMetaFileA
SetBkMode
GetDCBrushColor
DeleteColorSpace
BeginPath
CreateSolidBrush
CloseFigure
EndDoc
FlattenPath
GdiGetBatchLimit
GetColorSpace
AbortPath
GetEnhMetaFileA
SetTextColor
SelectObject
EndPage
AbortDoc
GetFontLanguageInfo
DeleteDC
CancelDC
AddFontResourceA
SaveDC
GetLayout
CloseEnhMetaFile
EndPath

advapi32

RegSaveKeyW
RegRestoreKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
GetTokenInformation
FreeSid
EqualSid
DuplicateTokenEx
CreateProcessAsUserW
AllocateAndInitializeSid
AdjustTokenPrivileges
RegOpenKeyA
RegQueryValueExA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shlwapi

PathCanonicalizeW
StrStrIW

winmm

timeGetTime

msvcrt

wcstoul
wcslen
wcschr
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
exit
free
malloc
towlower

Sections

.text
Size: 902KB - Virtual size: 902KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35960e47855fa405e64dec1d309753a7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

winmm

msvcrt

Sections

.text Size: 902KB - Virtual size: 902KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 23KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 902KB - Virtual size: 902KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 3KB