06656406d6984b331ac7b34a4686392fb17374b5cd482eb6d61e01d68d23fb41

Sharing

Copy URL Twitter E-mail

General

Target

06656406d6984b331ac7b34a4686392fb17374b5cd482eb6d61e01d68d23fb41
Size

428KB
MD5

a27a2b54f57b4aae0c246320b91d68c0
SHA1

1c0c22840ab096aaa1b7c21f1f7642cb4d4c7850
SHA256

06656406d6984b331ac7b34a4686392fb17374b5cd482eb6d61e01d68d23fb41
SHA512

7dffcd6707efad83e6edd95922498eba8bca63491e9c7c3d25d266a7f4809d81a12d4465ebde0dcb0ffc36469d75550f5fc496fa8c45c5416ac232bc48e8ad62
SSDEEP

12288:rkLBL6DZobNLqoaIl4JeLBo61erkuSlFu:WL6N4Mgl4JW3eIuSlFu

Score

N/A

Malware Config

Signatures

Files

06656406d6984b331ac7b34a4686392fb17374b5cd482eb6d61e01d68d23fb41
.exe windows x86

c5848dfe62aabe9498e426f6da346c9e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetConsoleMode
GetConsoleCP
SetFilePointer
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LoadLibraryW
GetModuleHandleW
GetProcAddress
OutputDebugStringW
InterlockedIncrement
WriteFile
InterlockedDecrement
RtlUnwind
GetACP
HeapValidate
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DecodePointer
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetOEMCP
GetCPInfo
IsValidCodePage
HeapReAlloc
HeapSize
HeapQueryInformation
SetStdHandle
FlushFileBuffers
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
CreateFileW
CloseHandle
OutputDebugStringA
ExitProcess
EnterCriticalSection
GetProcessHeaps
GetLastError
GlobalUnlock
ReleaseSemaphore
MultiByteToWideChar
CreateSemaphoreA
HeapCreate
LeaveCriticalSection
Sleep
GetStdHandle
SetHandleCount
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetModuleFileNameW
FormatMessageA
GetProcessHeap
IsBadReadPtr
CreateFileMappingA
SetEvent
WaitForSingleObject
GlobalLock
HeapFree
HeapAlloc
MapViewOfFile
lstrlenA
WriteConsoleW
RaiseException

user32

GetDlgItemTextA
LoadCursorA
UpdateWindow
DrawFrameControl
SetDlgItemTextA
CopyRect
SetWindowTextA
GetSystemMetrics
DispatchMessageW
DestroyWindow
CloseClipboard
SetWindowRgn
SetTimer
IsMenu
GetMessageW
RegisterClassExA
IsIconic
KillTimer
DrawTextA
LoadBitmapA
GetParent
LoadIconA
GetClientRect
SendMessageA
GetDC
TranslateMessage
GetForegroundWindow
OffsetRect
GetWindowTextA
SetWindowLongA
InvalidateRect
GetWindowLongA
GetClipboardData
GetWindowTextW
CreateWindowExA
GetDlgItem
DefWindowProcA
GetSysColor
ShowWindow
OpenClipboard
IsClipboardFormatAvailable

gdi32

SelectObject
CreateEllipticRgn
BitBlt
SetTextColor
DeleteDC
GetDeviceCaps
CreateFontIndirectA
SetBkColor
DeleteObject
CreateCompatibleDC
CombineRgn
CreateCompatibleBitmap
Polyline
CreatePen
SetTextAlign
GetObjectA
GetStockObject

comdlg32

ChooseColorA

advapi32

CloseServiceHandle
DeleteService
LogonUserW
ImpersonateLoggedOnUser
OpenSCManagerA
ControlService
OpenServiceA

ole32

CoInitialize
OleInitialize

ws2_32

WSAEnumProtocolsA
WSAStartup

mpr

WNetGetConnectionA

comctl32

ImageList_AddMasked
InitCommonControlsEx
CreatePropertySheetPageA
ImageList_GetImageInfo
ImageList_Create
ImageList_GetImageCount
PropertySheetA

imm32

ImmAssociateContext

setupapi

SetupDiSetDeviceRegistryPropertyA
SetupDiSetDeviceInstallParamsA
SetupDiGetClassInstallParamsA
SetupDiGetDeviceInstallParamsA
SetupDiSetClassInstallParamsA

authz

AuthzInitializeResourceManager

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 169KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5848dfe62aabe9498e426f6da346c9e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

ws2_32

mpr

comctl32

imm32

setupapi

authz

Sections

.text Size: 182KB - Virtual size: 182KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 169KB - Virtual size: 176KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 182KB - Virtual size: 182KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 169KB - Virtual size: 176KB

.rsrc
Size: 27KB - Virtual size: 27KB