b10641961802f835b0de0f3bc3c491c59e4b3b1e4a61da0d4644d7784cc632bb

Sharing

Copy URL Twitter E-mail

General

Target

b10641961802f835b0de0f3bc3c491c59e4b3b1e4a61da0d4644d7784cc632bb
Size

432KB
MD5

926fa7572fa59c99bf9c86177d7a3590
SHA1

b938e52a6ff014b7241088e26127937bfe8c8a8b
SHA256

b10641961802f835b0de0f3bc3c491c59e4b3b1e4a61da0d4644d7784cc632bb
SHA512

6c9b576351cf5a643be557c078adfb847a23a29489d36eacf0eff599a3d69c9882280bcc53cebd7651e1ec59ee133f7ae7e630c31515b08c21789e6097ab1f12
SSDEEP

12288:t9Ld/9mlOVHKMAPMQvfpNlNAw62ahlAPdZJ:nLhqO4MA/fflNRYlAVZJ

Score

N/A

Malware Config

Signatures

Files

b10641961802f835b0de0f3bc3c491c59e4b3b1e4a61da0d4644d7784cc632bb
.exe windows x86

6cd6e2e6864ae68e36300c2e701012a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

SetConsoleCursorPosition
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
GetConsoleScreenBufferInfo
GetStdHandle
GetLastError
FlushFileBuffers
HeapReAlloc
GetStringTypeW
LCMapStringW
WriteConsoleW
SetStdHandle
ReadFile
HeapSize
LoadLibraryW
IsValidCodePage
GetOEMCP
GetACP
GetTickCount
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetModuleHandleA
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalAlloc
Sleep
CreateSemaphoreA
CreateFileMappingA
WaitForSingleObject
MapViewOfFile
ReleaseSemaphore
MultiByteToWideChar
GetSystemTime
GetProcAddress
MulDiv
GetVersionExA
FindResourceA
LoadResource
SizeofResource
LockResource
CloseHandle
GetSystemInfo
lstrcmpiA
WriteFile
GetCPInfo
EnumSystemCodePagesW
CreateFileW
HeapCreate
GetModuleFileNameW
ExitProcess
GetModuleHandleW
GetCurrentProcess
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
IsProcessorFeaturePresent
GetCurrentProcessId
LoadLibraryA
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree
RtlUnwind
RaiseException
HeapAlloc

user32

GetDlgItemTextA
CopyRect
CreatePopupMenu
GetDC
SetScrollInfo
InvalidateRect
GetParent
GetDesktopWindow
RedrawWindow
GetForegroundWindow
GetWindowTextA
ReleaseDC
GetClientRect
HideCaret
FillRect
MapVirtualKeyA
CopyImage
CreateDialogParamA
SetWindowTextA
CreateWindowExA
GetMessageA
DispatchMessageA
DestroyWindow
PostQuitMessage
SendMessageA
MessageBoxA
SetRect
DefWindowProcA
GetWindowRect
GetSystemMetrics
SetWindowPos
GetWindowLongA
GetWindow
SystemParametersInfoA
MapWindowPoints
CallWindowProcA
LoadCursorA
LoadIconA
RegisterClassExA
ShowWindow
UpdateWindow
GetSysColor
GetDlgItem
WindowFromPoint
GetDlgCtrlID
GetWindowContextHelpId
GetClassNameA

gdi32

GetObjectA
DeleteObject
GetStockObject
SetDCPenColor
Rectangle
MoveToEx
LineTo
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateFontA
SetTextColor
CreateFontIndirectA
GetBitmapBits
GetTextMetricsA
SelectObject
GetBkColor
CreateSolidBrush
CreatePen

oleaut32

SysAllocStringLen
SysFreeString
SysStringLen

mpr

WNetCloseEnum

winmm

mmioClose
mmioOpenA

shlwapi

PathFileExistsA
StrSpnA
StrFormatByteSizeA

comctl32

ord17

pdh

PdhGetFormattedCounterValue

gdiplus

GdipCloneImage
GdiplusShutdown
GdipFree
GdipAlloc
GdipLoadImageFromFile
GdipDisposeImage
GdiplusStartup
GdipSaveImageToFile

secur32

AcquireCredentialsHandleA

setupapi

SetupOpenAppendInfFileA
SetupOpenInfFileA

msi

ord46

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cd6e2e6864ae68e36300c2e701012a4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

mpr

winmm

shlwapi

comctl32

pdh

gdiplus

secur32

setupapi

msi

Sections

.text Size: 83KB - Virtual size: 82KB

.rdata Size: 149KB - Virtual size: 149KB

.data Size: 160KB - Virtual size: 168KB

.rsrc Size: 27KB - Virtual size: 27KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 83KB - Virtual size: 82KB

.rdata
Size: 149KB - Virtual size: 149KB

.data
Size: 160KB - Virtual size: 168KB

.rsrc
Size: 27KB - Virtual size: 27KB

.reloc
Size: 10KB - Virtual size: 10KB