021420831f0bbe2a26ef467fe4ebdad61c0bd6642b15c8d130fafe103c580cb7

Sharing

Copy URL Twitter E-mail

General

Target

021420831f0bbe2a26ef467fe4ebdad61c0bd6642b15c8d130fafe103c580cb7
Size

592KB
MD5

80825cb967e9ad8d54dedabf93273670
SHA1

d4333075d16510e0d82b501dc85a0c7bcaacdc1b
SHA256

021420831f0bbe2a26ef467fe4ebdad61c0bd6642b15c8d130fafe103c580cb7
SHA512

f67313531355be9356d4c85a77969f31cca21aba3fbf2cd9f69662d4a56e32bfe9cb2c9bb6ad4d782a8dc0cc1eabf45fab163bccf83a90d3b91edb127c5fd18f
SSDEEP

12288:ibHk1ajSN7gv1KV0oHDMzUVRw9BgHqXfrjAEVz9YcvADfktd1a:DSc/IJTgKX/rVz9h/1

Score

N/A

Malware Config

Signatures

Files

021420831f0bbe2a26ef467fe4ebdad61c0bd6642b15c8d130fafe103c580cb7
.exe windows x86

317e19d0935e50f4308fa2483658a7de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
GetStringTypeW
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
LoadLibraryW
EnterCriticalSection
CloseHandle
LocalFree
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MultiByteToWideChar
LCMapStringW
IsProcessorFeaturePresent
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
ExitProcess
WriteConsoleW
SetStdHandle
GetLocaleInfoW
GetThreadLocale
GetLastError
HeapCreate
lstrlenW
WideCharToMultiByte
HeapAlloc
WaitForSingleObject
SetEvent
GetCurrentThreadId
WaitForMultipleObjects
Sleep
LeaveCriticalSection
LocalAlloc
GetProcAddress
GetConsoleWindow
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateFileA
GetFileInformationByHandle
GetTickCount
GetEnvironmentStringsW
lstrlenA
LoadLibraryA
GetUserDefaultUILanguage
GetDateFormatA
GetModuleHandleW
RaiseException
GetModuleHandleA
DeleteCriticalSection
CreateFileW

user32

DestroyWindow
MoveWindow
OpenClipboard
SetFocus
GetWindowLongA
CreateDialogParamA
ShowWindow
GetSystemMenu
GetMessageA
SendDlgItemMessageA
CloseWindowStation
SetWindowLongA
SetThreadDesktop
CreateDesktopA
SetProcessWindowStation
GetUserObjectInformationA
GetThreadDesktop
GetProcessWindowStation
EnableMenuItem
UpdateWindow
DrawMenuBar
DispatchMessageA
TranslateMessage
CheckRadioButton
PeekMessageA
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextA
GetDlgItemTextA
CloseDesktop
LoadStringA
SendMessageA
GetWindowTextA
PostQuitMessage
CreateWindowExA
DefWindowProcA
GetWindowRect
SystemParametersInfoA
ScreenToClient
SetRect
GetClientRect
CopyRect
DrawTextA
GetSystemMetrics
FillRect
BeginPaint
EndPaint
GetCursorPos
CreatePopupMenu
TrackPopupMenuEx
LoadCursorA
GetDC
ReleaseDC
SetWindowTextA
EmptyClipboard
CopyImage
SetClipboardData
CloseClipboard
EndDialog
SetMenu
GetDlgItem

gdi32

GetObjectA
CreateFontIndirectA
ExcludeClipRect
CreateSolidBrush
SelectClipRgn
DeleteObject
FillRgn
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
PatBlt
DeleteDC
GetStockObject

comdlg32

ChooseColorA
GetOpenFileNameA

advapi32

GetTokenInformation
FreeSid
DuplicateTokenEx
GetLengthSid
CopySid
AllocateAndInitializeSid
IsValidSid
InitializeAcl
AddAccessAllowedAce
IsValidAcl
LookupAccountSidA

shell32

SHGetFolderPathW
SHGetFolderPathA

ole32

CoMarshalInterThreadInterfaceInStream
OleInitialize
CreateStreamOnHGlobal
CoUnmarshalInterface
CoGetInterfaceAndReleaseStream
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleSetClipboard
CoMarshalInterface
GetHGlobalFromStream

ws2_32

send
closesocket
WSAGetLastError

version

GetFileVersionInfoW

shlwapi

PathAppendA

comctl32

InitCommonControlsEx

rpcrt4

RpcServerUseProtseqEpA
RpcServerRegisterIfEx
RpcServerListen

gdiplus

GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdiplusStartup
GdipCreateBitmapFromFile

secur32

GetUserNameExA
EnumerateSecurityPackagesA

opengl32

wglMakeCurrent
wglDeleteContext

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

msi

ord108

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ydata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

317e19d0935e50f4308fa2483658a7de

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

ws2_32

version

shlwapi

comctl32

rpcrt4

gdiplus

secur32

opengl32

wtsapi32

msi

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 12KB

.ddata Size: 323KB - Virtual size: 322KB

.ydata Size: 20KB - Virtual size: 19KB

.adata Size: 42KB - Virtual size: 42KB

.rsrc Size: 108KB - Virtual size: 107KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 12KB

.ddata
Size: 323KB - Virtual size: 322KB

.ydata
Size: 20KB - Virtual size: 19KB

.adata
Size: 42KB - Virtual size: 42KB

.rsrc
Size: 108KB - Virtual size: 107KB

.reloc
Size: 9KB - Virtual size: 9KB