57899bab3763a4f966530a154108753c8b494f838e70bcec560816a4db496328

Sharing

Copy URL Twitter E-mail

General

Target

57899bab3763a4f966530a154108753c8b494f838e70bcec560816a4db496328
Size

542KB
MD5

93d43a51afdffce895be73c6a0bd6240
SHA1

bccdd4254dedb3457f7afecc5cd89bc30c046236
SHA256

57899bab3763a4f966530a154108753c8b494f838e70bcec560816a4db496328
SHA512

5b79636b4adaa1a5a9db139b417336d88b8928065b72330552da7d9aa33a190c4ecbbc285b6a703f99052e795da1398ea829f7d1179ac4e6f28661663b555338
SSDEEP

6144:FqLB9rVPEbRz6T52Kw8L+S4ubmy1rln9wpj7oO0HyLwyXq4uZBRqM53d4q0aVewA:Fqxc1n8L+lfyipjkO0Hew7Z7t53p0OA

Score

N/A

Malware Config

Signatures

Files

57899bab3763a4f966530a154108753c8b494f838e70bcec560816a4db496328
.exe windows x86

8f0c58470c602df37cadf7fe3fd5dd38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

WriteFile
ExitProcess
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GlobalLock
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapSize
LCMapStringW
GetStringTypeW
SetFilePointer
GetConsoleCP
GetConsoleMode
LoadLibraryW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetCurrentThread
GetLastError
ReadFile
GlobalUnlock
LocalAlloc
LocalFree
WideCharToMultiByte
lstrcatW
DeleteFileW
HeapCreate
HeapFree
HeapAlloc
FindResourceA
LoadResource
LockResource
SizeofResource
UnhandledExceptionFilter
TerminateProcess
GetProcAddress
InterlockedDecrement
GetCurrentThreadId
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DecodePointer
EncodePointer
GetCurrentProcess
CloseHandle
lstrlenA
IsProcessorFeaturePresent
GetStartupInfoW
GetStdHandle
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
SetConsoleCursorPosition
GetComputerNameA
CreateFileA
GetFileSize
HeapSetInformation
GetCommandLineA
HeapReAlloc
MultiByteToWideChar
RtlUnwind
RaiseException
GlobalAlloc
CreateFileW

user32

CreateDialogIndirectParamA
FindWindowW
MonitorFromWindow
GetMonitorInfoA
SetWindowPos
ShowWindow
DestroyWindow
EnumDesktopsA
wsprintfA
ReleaseDC
UpdateWindow
GetWindowRect
GetDC
InvalidateRect
GetFocus
LoadBitmapA
BeginDeferWindowPos
GetTabbedTextExtentA
InsertMenuItemA
CopyRect
FillRect
DrawIconEx
DrawTextA
EnableMenuItem
LoadCursorA
RegisterClassExA
MessageBoxA
CreateDialogParamA
GetMessageA
TranslateMessage
PostQuitMessage
BeginPaint
IsIconic
GetClientRect
GetSystemMetrics
DrawIcon
EndPaint
LoadIconA
SendMessageA
MessageBoxW
DrawTextW
DefWindowProcA

gdi32

CreateDCW
CreatePen
SelectObject
Ellipse
MoveToEx
LineTo
GetStockObject
GetObjectA
SetTextAlign
SetBkMode
CreateFontIndirectA
TextOutA
SetDCPenColor
Rectangle
CreateCompatibleDC
BitBlt
DeleteDC
CreateSolidBrush
GetDeviceCaps
CreateDIBSection
SaveDC
RestoreDC
DeleteObject
CreatePolygonRgn
FillRgn
SetTextColor
CreateFontW
CreateFontA
GetTextExtentPoint32A

comdlg32

GetFileTitleW

advapi32

GetUserNameA
DeleteService
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetSidLengthRequired
LookupAccountNameA
OpenSCManagerA
OpenServiceA
ControlService
CloseServiceHandle

shell32

SHGetFolderPathW

ole32

CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
CoInitialize

oleaut32

OleLoadPicture
CreateErrorInfo
SafeArrayGetLBound
SetErrorInfo
SafeArrayGetUBound
OleSavePictureFile

avifil32

AVIStreamCreate
AVIFileInit

msimg32

GradientFill

crypt32

CertGetNameStringA

comctl32

ImageList_AddMasked
ImageList_GetImageCount
ImageList_Create
FlatSB_GetScrollInfo
ImageList_GetImageInfo

gdiplus

GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipSaveImageToFile

authz

AuthzInitializeResourceManager

dxva2

DegaussMonitor
DestroyPhysicalMonitors

Sections

.text
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f0c58470c602df37cadf7fe3fd5dd38

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

avifil32

msimg32

crypt32

comctl32

gdiplus

authz

dxva2

Sections

.text Size: 342KB - Virtual size: 342KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 162KB - Virtual size: 161KB

.text
Size: 342KB - Virtual size: 342KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 162KB - Virtual size: 161KB