3f6bd9da493c3f2020b2969922689fd59430975c26b6c425333ac9b33a4ba6e3

Sharing

Copy URL

Twitter E-mail

General

Target

3f6bd9da493c3f2020b2969922689fd59430975c26b6c425333ac9b33a4ba6e3
Size

19KB
MD5

ab72d1c441ab99382851e40e783787b6
SHA1

2f9395b6390128da65a4056b2188aba95abe91df
SHA256

3f6bd9da493c3f2020b2969922689fd59430975c26b6c425333ac9b33a4ba6e3
SHA512

2b4014c1729ddc04c6030f58f6b752ed7ec471e0a73e8b68cdff2f7a048f90619ffcd8ae30d841a50092c9a4f3674da715846b0c8aac6bea22b1ec1a6bfaada5
SSDEEP

384:YXN4IkmVXNWSypp2aBg8207q/x5EzVCrAv1xq3mjKO3MevY:YXN4IkmXNWxp2aBgF07qpNre1DD/w

Score

N/A

Malware Config

Signatures

Files

3f6bd9da493c3f2020b2969922689fd59430975c26b6c425333ac9b33a4ba6e3
.exe windows x86

0642c8d76fb6157a0c5e91d469035a61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
GetExitCodeThread
GetFileSize
GetFileSizeEx
GetFileTime
GetLongPathNameW
GetNamedPipeHandleStateW
GetNamedPipeInfo
GetNumberFormatW
GetOEMCP
GetPrivateProfileSectionNamesW
GetProcessHeap
GetProcessHeaps
GetProfileSectionW
GetShortPathNameA
GetStringTypeA
GetSystemDefaultLCID
GetThreadPriorityBoost
GetVersionExW
GetVolumePathNameW
GetWindowsDirectoryW
GetWriteWatch
GlobalAddAtomW
GlobalDeleteAtom
GlobalMemoryStatus
GlobalUnWire
GlobalUnlock
InitializeCriticalSection
IsBadStringPtrA
LoadLibraryA
LocalAlloc
LocalCompact
LocalFlags
LocalUnlock
Module32NextW
MulDiv
OpenEventW
OpenMutexW
GetDriveTypeA
QueryDosDeviceA
QueryInformationJobObject
RaiseException
ReadDirectoryChangesW
ReadProcessMemory
ReleaseMutex
ScrollConsoleScreenBufferA
SearchPathA
SearchPathW
SetCommBreak
SetComputerNameExA
SetConsoleActiveScreenBuffer
SetConsoleDisplayMode
SetConsoleScreenBufferSize
SetEndOfFile
SetFileApisToOEM
SetFileAttributesW
SetInformationJobObject
SetWaitableTimer
SuspendThread
UnhandledExceptionFilter
UnlockFile
UnregisterWait
VirtualAllocEx
VirtualQuery
WaitForDebugEvent
WaitNamedPipeA
WaitNamedPipeW
WriteConsoleW
WriteFileGather
WritePrivateProfileStringW
WritePrivateProfileStructW
WriteTapemark
_hwrite
lstrcmpA
lstrcpyn
GetDiskFreeSpaceA
GetDefaultCommConfigW
GetCurrencyFormatA
VirtualAlloc
GetConsoleTitleA
GetConsoleDisplayMode
GetConsoleAliasesLengthW
GetConsoleAliasExesA
GetComputerNameW
GetComputerNameA
GetCommandLineA
GetCommState
GetCommProperties
GetCalendarInfoW
GetAtomNameW
FreeEnvironmentStringsA
FoldStringA
FlushInstructionCache
FindResourceA
FindNextFileA
FindFirstVolumeW
FindFirstVolumeMountPointW
FindFirstVolumeA
FindFirstChangeNotificationA
FillConsoleOutputCharacterW
FileTimeToDosDateTime
ExitProcess
EnumUILanguagesA
EnumTimeFormatsW
EnumSystemLocalesW
EnumSystemLanguageGroupsA
EnumResourceTypesW
EnumResourceNamesW
EnumResourceNamesA
EnumDateFormatsExW
EnumCalendarInfoExW
EnumCalendarInfoA
DnsHostnameToComputerNameW
DisconnectNamedPipe
DisableThreadLibraryCalls
DeleteFileA
DeleteFiber
DebugBreak
CreateProcessA
CreateNamedPipeW
CreateMutexW
CreateHardLinkA
CreateEventW
CreateEventA
CreateDirectoryA
CopyFileExW
ConvertThreadToFiber
ConvertDefaultLocale
CancelIo
BuildCommDCBAndTimeoutsA
BeginUpdateResourceA
BackupSeek
BackupRead
AllocateUserPhysicalPages
AddAtomW
AddAtomA
LoadLibraryW
GetProcAddress
PeekConsoleInputA

user32

LoadAcceleratorsW

shell32

DoEnvironmentSubstW
DoEnvironmentSubstA
CommandLineToArgvW
CheckEscapesW
WOWShellExecute
Shell_NotifyIconA
ShellHookProc
ShellExecuteW
ShellExecuteExW
ShellExecuteEx
ShellExecuteA
ShellAboutW
SHQueryRecycleBinW
SHQueryRecycleBinA
SHPathPrepareForWriteA
SHLoadInProc
SHInvokePrinterCommandW
SHInvokePrinterCommandA
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileA
DragQueryFileAorW
DragQueryFileW
DragQueryPoint
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconEx
ExtractIconExA
ExtractIconW
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExA
SHCreateDirectoryExW
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHFileOperation
SHFileOperationA
SHFileOperationW
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetDiskFreeSpaceExA
SHGetFileInfo
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetInstanceExplorer
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetSettings
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
Shell_NotifyIconW

shlwapi

StrStrIW
StrStrIA
StrStrA
StrRStrIW
StrRStrIA
StrRChrIW
StrRChrIA
StrRChrA
StrCmpNIW
StrCmpNA
StrChrW
StrChrIA
StrChrA

comctl32

CreatePropertySheetPage
CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindow
ord6
CreateStatusWindowW
ord7
CreateToolbarEx
ord15
DrawStatusText
ord5
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollProp
FlatSB_SetScrollRange
ImageList_Add
ImageList_AddIcon
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Duplicate
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_GetImageRect
ImageList_LoadImage
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Merge
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
ImageList_SetFilter
ImageList_SetOverlayImage
ord17
InitCommonControlsEx
InitMUILanguage
InitializeFlatSB
ord13
ord2
PropertySheet
PropertySheetA
PropertySheetW
ord3
UninitializeFlatSB
ord8

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ggj
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.heh
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0642c8d76fb6157a0c5e91d469035a61

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

comctl32

Sections

.text Size: 9KB - Virtual size: 9KB

.ggj Size: 2KB - Virtual size: 1KB

.heh Size: 24KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 192B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.ggj
Size: 2KB - Virtual size: 1KB

.heh
Size: 24KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 192B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 1KB