b759b4a60ae61721bf9f6a8541d0b613d185d33e395354350f510017bd987bc6

Sharing

Copy URL Twitter E-mail

General

Target

b759b4a60ae61721bf9f6a8541d0b613d185d33e395354350f510017bd987bc6
Size

672KB
MD5

827b1ea6b71110ca16c17b9190760610
SHA1

ad627000f6fe20673ff775490155135173d78881
SHA256

b759b4a60ae61721bf9f6a8541d0b613d185d33e395354350f510017bd987bc6
SHA512

8b69ebdb410a81e2566a75b69244dd3c44f67c1afbd9734ebffa3d1d122c81ed0679e030431a50dc2e85fb512a05b60292b4af5695b76d5f59848d3071797384
SSDEEP

12288:EgkFsWFP/7WSSMBv2Abb3wFTtGwBD0u9NtEB5ue7nmTbmi268PaGV:iFsWhGMBvxvwFTtGwiu9Nt6J7ibg68Pz

Score

N/A

Malware Config

Signatures

Files

b759b4a60ae61721bf9f6a8541d0b613d185d33e395354350f510017bd987bc6
.exe windows x86

c0ba383516ee089db9db182ce5665ee3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FreeLibrary
InterlockedIncrement
InterlockedDecrement
OutputDebugStringA
GetFileSize
SetEndOfFile
ReadFile
FlushFileBuffers
DeleteFileA
GetFileAttributesA
SetFileAttributesA
MoveFileA
GetProcAddress
GetLastError
GetVolumeInformationA
lstrcpynA
MultiByteToWideChar
lstrlenA
lstrcmpiA
FindClose
FindNextFileA
FindFirstFileA
GetDriveTypeA
GetLogicalDriveStringsA
CopyFileA
GetCurrentProcessId
WriteFile
GetCurrentThread
ResumeThread
GetThreadPriority
SetThreadPriority
InitializeCriticalSection
IsBadWritePtr
EnterCriticalSection
LeaveCriticalSection
CreateMutexA
ReleaseMutex
GetProcessAffinityMask
QueryPerformanceCounter
QueryPerformanceFrequency
MulDiv
GlobalAlloc
GlobalFree
GetStartupInfoA
VirtualQuery
GetModuleHandleA
FormatMessageA
GetCurrentThreadId
GetLocalTime
GetCurrentProcess
SleepEx
QueueUserAPC
GetVersion
Sleep
SuspendThread
GetExitCodeThread
WaitForSingleObject
DeleteCriticalSection
CreateFileA
InterlockedExchange
GetModuleFileNameA
SetUnhandledExceptionFilter
CloseHandle
SetFilePointer
GetCommandLineA

user32

FindWindowExA
wvsprintfA
ShowWindow
SetForegroundWindow
PeekMessageA
LoadCursorFromFileA
SetCursor
LoadCursorA
SetWindowLongA
CreateWindowExA
RegisterClassA
LoadIconA
SystemParametersInfoA
DestroyWindow
ReleaseDC
GetDC
InvalidateRect
MoveWindow
GetClientRect
GetScrollPos
MessageBoxA
BeginPaint
EndPaint
SetScrollPos
GetScrollRange
ShowScrollBar
SetScrollRange
SetWindowTextA
SendMessageA
SetFocus
PostQuitMessage
DispatchMessageA
DefWindowProcA
TranslateMessage

gdi32

GetTextMetricsA
SelectObject
TextOutA
GetDeviceCaps
CreateFontA
DeleteObject
GetStockObject

winmm

timeGetTime

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

imm32

ImmGetCandidateListA
ImmGetContext
ImmGetCompositionStringA
ImmReleaseContext
ImmGetDefaultIMEWnd

shell32

ShellExecuteA
FindExecutableA

msvcirt

??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ

msvcrt

_tzset
abs
_ftol
strncpy
_strnicmp
atoi
_controlfp
_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_sopen
__setusermatherr
_close
_strupr
_strlwr
_stricmp
_adjust_fdiv
__getmainargs
_acmdln
_XcptFilter
_snprintf
_except_handler3
_exit
_endthreadex
_beginthreadex
_purecall
_CxxThrowException
_getdcwd
_daylight
_timezone
localtime
time
_vsnprintf
??2@YAPAXI@Z
strlen
__CxxFrameHandler
_EH_prolog
memmove
malloc
free
memcpy
exit
fprintf
_iob
memcmp
strcat
strrchr
strcpy
memset
sqrt
sscanf
_initterm
_getdrive
acos
atol
strtok
floor
sin
cos
strpbrk
fabs
fseek
ceil
fopen
sprintf
printf
ftell
fwrite
strncmp
fclose
fread

Exports

Exports

GZDllGetGZCOMDirector

Sections

.text
Size: 508KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c0ba383516ee089db9db182ce5665ee3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

advapi32

imm32

shell32

msvcirt

msvcrt

Exports

Exports

Sections

.text Size: 508KB - Virtual size: 504KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 20KB - Virtual size: 315KB

.rsrc Size: 72KB - Virtual size: 71KB

.text
Size: 508KB - Virtual size: 504KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 20KB - Virtual size: 315KB

.rsrc
Size: 72KB - Virtual size: 71KB