f3559af936d1071185422dcfa81686842dca4321e7b5c12903c54234e3ef8be6

Sharing

Copy URL Twitter E-mail

General

Target

f3559af936d1071185422dcfa81686842dca4321e7b5c12903c54234e3ef8be6
Size

409KB
MD5

92dd6e0029a2361ebac8948c22860c54
SHA1

d394983976147580003bdbf558d4c64eccfcd405
SHA256

f3559af936d1071185422dcfa81686842dca4321e7b5c12903c54234e3ef8be6
SHA512

5b52be3fc9ab6ad031983451971c39d118ea24af0582a8d02771aecd2acdabdaed08a04cd9e3f77bd75f0f987d76ca7762e4def0e2e5c139a163ea1cde326d87
SSDEEP

12288:uFr6E5VXruaazSj0dadFm070MZVkX2J5asdNAVu4:u35ViaaWQda/NwmVk05asvcu4

Score

N/A

Malware Config

Signatures

Files

f3559af936d1071185422dcfa81686842dca4321e7b5c12903c54234e3ef8be6
.exe windows x86

c1b0ebea1bab42e620186be23ae77a97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LoadLibraryW
GetFileType
SetHandleCount
GetStdHandle
SetLastError
TlsFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsBadReadPtr
HeapValidate
InitializeCriticalSectionAndSpinCount
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineA
MultiByteToWideChar
ExitProcess
GetModuleHandleW
GetProcAddress
DecodePointer
RtlUnwind
RaiseException
LeaveCriticalSection
SetStdHandle
CreateDirectoryA
CreateNamedPipeA
CloseHandle
ConnectNamedPipe
LocalAlloc
LocalFree
GetProcessHeap
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
GetModuleFileNameA
GetModuleFileNameW
lstrcpyW
GetPrivateProfileSectionW
GetPrivateProfileIntW
lstrcmpiA
SetProcessAffinityMask
lstrlenW
lstrcatW
FindFirstFileW
FindNextFileW
FindClose
GetLastError
WriteFile
SetFilePointer
HeapCreate
GetCurrentProcess
GetWindowsDirectoryA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileInformationByHandle
HeapAlloc
FormatMessageA
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
CreateEventA
FileTimeToLocalFileTime
FileTimeToSystemTime
EnumResourceLanguagesA
LoadResource
GetModuleHandleA
TlsGetValue
CreateFileW

user32

SetWindowTextA
LookupIconIdFromDirectory
SendMessageA
GetMenuItemID
GetMenuItemCount
AppendMenuA
CreatePopupMenu
LoadMenuA
ScreenToClient
SetCursorPos
ChildWindowFromPoint
FindWindowA
GetWindowLongA
GetDC
GetClientRect
GetScrollPos
GetScrollRange
SetScrollPos
ScrollWindow
UpdateWindow
GetDialogBaseUnits
GetDlgItem
SetFocus
BeginPaint
EndPaint
MoveWindow
ReleaseDC
DefWindowProcA
LoadStringA
LoadStringW
GetParent
SendNotifyMessageA
DestroyAcceleratorTable
GetDlgItemTextW
LoadBitmapA
GetSystemMetrics
InvalidateRect
SetCursor
wsprintfW
GetWindowRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
ShowWindow
DialogBoxParamA
LoadIconA
LoadCursorA
SystemParametersInfoA
DestroyWindow
FillRect
TrackPopupMenu
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
OpenClipboard
EndDialog
EmptyClipboard
CopyImage
SetClipboardData
CloseClipboard
EnableWindow
CreateDialogParamA
SetDlgItemTextA

gdi32

SetTextColor
Rectangle
GetTextExtentPoint32A
CreateDCA
GetDeviceCaps
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
GetDIBColorTable
DeleteObject
GetBitmapBits
CreateCompatibleBitmap
GetDIBits
CreateFontIndirectA
CreateSolidBrush
GetStockObject
PatBlt
StartDocA
StartPage
TextOutA
EndPage
EndDoc
SetAbortProc
GetTextMetricsA
EnumFontsA
DeleteDC

comdlg32

ReplaceTextA

advapi32

AllocateAndInitializeSid
SetEntriesInAclA
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
RegCloseKey
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
ExtractIconExA

ole32

CreateStreamOnHGlobal
CoTaskMemFree

oleaut32

OleLoadPicture
OleSavePictureFile

userenv

CreateEnvironmentBlock

avicap32

capGetDriverDescriptionA

shlwapi

PathFindFileNameA
StrChrA
PathFindExtensionA
PathFindExtensionW
AssocCreate
PathStripToRootA
ord12

comctl32

InitCommonControlsEx
CreateToolbarEx
ImageList_Create
ImageList_ReplaceIcon

wtsapi32

WTSEnumerateProcessesA
WTSFreeMemory

uxtheme

IsThemeActive
GetThemeDocumentationProperty
EnableTheming

dxva2

SetVCPFeature

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1b0ebea1bab42e620186be23ae77a97

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

userenv

avicap32

shlwapi

comctl32

wtsapi32

uxtheme

dxva2

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 240KB - Virtual size: 240KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 240KB - Virtual size: 240KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 31KB - Virtual size: 31KB