fb2b1ff65ccec2b7ad977cfd64540be9658ba6f38f0be27e870d46462be5d922

Sharing

Copy URL

Twitter E-mail

General

Target

fb2b1ff65ccec2b7ad977cfd64540be9658ba6f38f0be27e870d46462be5d922
Size

845KB
MD5

82fe9ee951fa322ace8112dcb0935c80
SHA1

1295a71df7abb8f0b2f1c3217a5691dd0d2b529d
SHA256

fb2b1ff65ccec2b7ad977cfd64540be9658ba6f38f0be27e870d46462be5d922
SHA512

58efc4b3fded3f0630592efe3a2bcdf14f45ab2ebbb0cc37bcbe229a0dccca75e50e14f0e5d9ab42d6f1eb49efc573ec698a1eea4986288259d32036ff23bdce
SSDEEP

24576:F7TN2PlaeD10HZbSMUTvhtMKQoEM0V0hvNctkZs:J3H5Ght350Vqvatk

Score

N/A

Malware Config

Signatures

Files

fb2b1ff65ccec2b7ad977cfd64540be9658ba6f38f0be27e870d46462be5d922
.exe windows x86

cbe3663d4c35f45a7ea1cfd275154d1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
GlobalSize
HeapFree
TlsFree
SetStdHandle
SetThreadPriority
InterlockedCompareExchange
GlobalLock
OutputDebugStringW
TlsSetValue
IsProcessorFeaturePresent
FreeLibrary
UnhandledExceptionFilter
CloseHandle
CreateFileW
HeapAlloc
RaiseException
GetCurrentThreadId
RemoveDirectoryW
CreateEventW
LockResource
GetFileTime
WriteFile
GetProcessAffinityMask
LeaveCriticalSection
GetCommandLineA
ReadFile
Sleep
DuplicateHandle
FindFirstFileW
GetFileAttributesExW
GetLastError
HeapSize
GetCurrentProcess
EnterCriticalSection
VirtualQuery
SetUnhandledExceptionFilter
GlobalUnlock
GetFileType
WideCharToMultiByte
DeleteFileW
GetFileAttributesW
HeapSetInformation
GetSystemTimeAsFileTime
GetACP
MulDiv
GetModuleFileNameA
CancelIo
InitializeCriticalSectionAndSpinCount
GetVersion
IsValidCodePage
FindClose
GetSystemDirectoryW
LCMapStringW
GetModuleFileNameW
GetConsoleCP
GetProcessVersion
SetEndOfFile
GetCurrentThread
ExitProcess
SleepEx
GetCommandLineW
MoveFileExW
ExitThread
GetConsoleMode
LoadLibraryW
SetFilePointer
ReadDirectoryChangesW
MultiByteToWideChar
SetErrorMode
TerminateProcess
LoadLibraryA
SetHandleCount
HeapCreate
SetConsoleCtrlHandler
QueryPerformanceFrequency
WriteConsoleW
RtlUnwind
WaitForSingleObject
GetCurrentProcessId
InterlockedIncrement
GetEnvironmentStringsW
CopyFileW
LocalFileTimeToFileTime
GetOverlappedResult
FileTimeToSystemTime
SetLastError
CreateThread
GetExitCodeThread
VirtualAlloc
GetProcessHeap
GetOEMCP
FileTimeToLocalFileTime
ResetEvent
GetVersionExW
GetCPInfo
FlushFileBuffers
LocalFree
HeapDestroy
FindNextFileW
GetSystemInfo
GetThreadPriority
GetStdHandle
VirtualFree
InterlockedDecrement
SizeofResource
GetProcessTimes
SetThreadExecutionState
SetEvent
LoadResource
GetFileInformationByHandle
FreeEnvironmentStringsW
GetStringTypeW
GlobalAlloc
FindResourceExW
GlobalFree
HeapReAlloc
lstrlenW
LocalAlloc
GetModuleHandleW
QueryPerformanceCounter
CreateMutexW
FlushInstructionCache
InitializeCriticalSection
InterlockedExchange
GetStartupInfoA
OutputDebugStringA
DeleteCriticalSection
GetProcAddress
WaitForMultipleObjects
HeapQueryInformation
GetFileSize
FindResourceW
VirtualProtect
TlsGetValue
TlsAlloc
GetTickCount
SystemTimeToFileTime
IsDebuggerPresent

user32

wsprintfW
TrackPopupMenu
EnumChildWindows
EndDialog
wsprintfA
IsWindowVisible
GetActiveWindow
IsClipboardFormatAvailable
RegisterWindowMessageW
CopyRect
MonitorFromRect
PeekMessageW
BeginPaint
DrawTextW
RegisterClassW
EnumThreadWindows
IsChild
LoadIconW
LoadCursorW
RegisterClassExW
RegisterShellHookWindow
TranslateAcceleratorW
SetWindowsHookExW
MapWindowPoints
GetMessageW
GetSystemMetrics
OffsetRect
GetClientRect
BeginDeferWindowPos
GetWindowDC
MapDialogRect
CheckMenuRadioItem
GetParent
GetMenu
SetMenuItemInfoW
PostQuitMessage
MapVirtualKeyW
UpdateWindow
CallWindowProcW
TrackPopupMenuEx
IsCharAlphaW
GetMenuItemCount
DispatchMessageW
AdjustWindowRect
DrawIconEx
GetScrollInfo
DialogBoxParamW
MessageBoxW
DestroyWindow
CreatePopupMenu
SendDlgItemMessageW
SendMessageW
GetKeyState
GetWindowTextW
LoadAcceleratorsW
CloseClipboard
SetFocus
SetDlgItemTextW
MsgWaitForMultipleObjects
UnregisterHotKey
SetClipboardData
GetFocus
CharUpperW
SetCapture
EndDeferWindowPos
SetCursor
EndPaint
CharLowerW
MessageBeep
GetClassNameW
SetWindowTextW
RegisterHotKey
AppendMenuW
GetClassInfoExW
GetMenuItemInfoW
AdjustWindowRectEx
GetWindowThreadProcessId
EnumWindows
RegisterClipboardFormatW
MonitorFromPoint
CallNextHookEx
SetLayeredWindowAttributes
SetWindowLongW
EmptyClipboard
CreateWindowExW
SetTimer
SetWindowPos
ShowWindow
GetDC
IsIconic
DestroyIcon
WindowFromPoint
IsDialogMessageW
GetClipboardData
GetWindowPlacement
InvalidateRect
DeferWindowPos
AllowSetForegroundWindow
GetSysColor
ClientToScreen
ScreenToClient
EnableWindow
IntersectRect
LoadImageW
ReleaseDC
PostMessageW
IsWindowEnabled
FillRect
KillTimer
DestroyAcceleratorTable
GetDlgItem
GetComboBoxInfo
DrawEdge
DestroyMenu
SetActiveWindow
GetWindowRect
OpenClipboard
TranslateMessage
GetWindowLongW
UnhookWindowsHookEx
SetForegroundWindow
GetMessagePos
CreateDialogParamW
MoveWindow
RedrawWindow
DefWindowProcW
UnregisterClassW
DeregisterShellHookWindow
UnregisterClassA
GetMonitorInfoW
GetDlgCtrlID

gdi32

GetDeviceCaps
ExtTextOutW
DeleteObject
SetWindowOrgEx
SelectObject
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
SetDCBrushColor
SetTextColor
GetStockObject
OffsetWindowOrgEx
DeleteDC
SetBkMode
CreateFontIndirectW
SetBkColor
GetTextExtentPoint32W

advapi32

CryptCreateHash
CryptAcquireContextW
RegCreateKeyExW
RegCloseKey
CryptGetHashParam
RegOpenKeyExW
CryptHashData
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyW
CryptDestroyKey
RegOpenKeyW
CryptImportKey
RegSetValueExW
CryptVerifySignatureW
CryptDestroyHash
RegDeleteValueW
RegQueryInfoKeyW
RegEnumValueW
CryptReleaseContext

ole32

CoTaskMemAlloc
OleSetClipboard
CreateStreamOnHGlobal
OleInitialize
CoInitialize
OleUninitialize
CoUninitialize
CoCreateGuid
CoCreateInstance
OleGetClipboard
ReleaseStgMedium
CoTaskMemFree

shlwapi

ColorHLSToRGB
StrCmpLogicalW
SHDeleteKeyW
SHAutoComplete

iphlpapi

AddIPAddress

secur32

EncryptMessage
ApplyControlToken
InitializeSecurityContextW
FreeCredentialsHandle
AcquireCredentialsHandleW
FreeContextBuffer
QueryContextAttributesW
DeleteSecurityContext
CompleteAuthToken
DecryptMessage

oledlg

ord6

psapi

GetProcessMemoryInfo

Sections

.text
Size: 704KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbe3663d4c35f45a7ea1cfd275154d1f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

iphlpapi

secur32

oledlg

psapi

Sections

.text Size: 704KB - Virtual size: 704KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 85KB - Virtual size: 129KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 704KB - Virtual size: 704KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 85KB - Virtual size: 129KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 4KB - Virtual size: 3KB