1c8b5600888089db53ca2b8a794b92a52ef602a80e6d74262b921c917599d980

Sharing

Copy URL Twitter E-mail

General

Target

1c8b5600888089db53ca2b8a794b92a52ef602a80e6d74262b921c917599d980
Size

221KB
MD5

8226b9f91c6194a30a675a19e2eca080
SHA1

da89339186d167af06d21ce4d94516adb258edea
SHA256

1c8b5600888089db53ca2b8a794b92a52ef602a80e6d74262b921c917599d980
SHA512

c107614a17f90b14f2af6eb9a3218e17ed494f5d89518229ffea821823c936c5e0e2d5f4aa7088d3dc6c6527b5551b33d6f0bdc7b918a9a05d8fafda14f46161
SSDEEP

3072:aP7UNLKYu856EgMIgnoA8OcSLskEvqE4:aPYNn6KCicSLskEvqE4

Score

N/A

Malware Config

Signatures

Files

1c8b5600888089db53ca2b8a794b92a52ef602a80e6d74262b921c917599d980
.exe windows x86

63330b7281c828d7037c5a32ec4c21e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BitBlt
GetObjectW
PatBlt
CreateBitmap
StretchBlt
GetTextMetricsW
CreateFontIndirectW
GetObjectW
GetTextMetricsW
CreateCompatibleBitmap
CreateSolidBrush
GetObjectW
DeleteDC
GetTextMetricsW
GetObjectW
CreateCompatibleDC
CreateFontIndirectW
MoveToEx
GetTextExtentPoint32W
GetObjectW
CreateCompatibleDC
GetObjectW
ExtTextOutW
CreateBitmap
MoveToEx
CreateSolidBrush
BitBlt
MoveToEx
CreateSolidBrush
MoveToEx
CreateSolidBrush
PatBlt
LineTo
GetObjectW
GetObjectW
CreateSolidBrush
DeleteObject
StretchBlt
PatBlt
GetTextMetricsW
GetObjectW
GetDeviceCaps
TextOutW
LineTo
GetStockObject
TextOutW
GetStockObject
CreateFontIndirectW
StretchBlt
CreateBitmap
LineTo
CreateFontIndirectW
CreateFontIndirectW
GetObjectW
CreateCompatibleDC
PatBlt
LineTo
GetObjectW
BitBlt
CreateBitmap
CreateFontIndirectW
TextOutW
TextOutW
BitBlt
CreateSolidBrush
GetTextMetricsW
CreateCompatibleBitmap
CreateSolidBrush
GetDeviceCaps
LineTo
DeleteObject
TextOutW
MoveToEx
GetStockObject
GetDeviceCaps
DeleteObject
CreateSolidBrush
GetTextMetricsW
CreateCompatibleDC
MoveToEx
BitBlt
GetTextExtentPoint32W
LineTo
CreateSolidBrush
CreateSolidBrush
CreateBitmap
LineTo
ExtTextOutW
TextOutW
ExtTextOutW
ExtTextOutW
GetDeviceCaps
ExtTextOutW
DeleteDC
GetDeviceCaps
GetDeviceCaps
TextOutW
CreateBitmap
LineTo
LineTo
CreateFontIndirectW
MoveToEx
PatBlt
TextOutW
StretchBlt
LineTo
DeleteObject
TextOutW
BitBlt
StretchBlt
BitBlt
GetDeviceCaps
GetStockObject
GetDeviceCaps
MoveToEx
BitBlt
CreateFontIndirectW
CreateCompatibleDC
GetDeviceCaps
CreateFontIndirectW
GetDeviceCaps
PatBlt
GetTextMetricsW
PatBlt
LineTo
ExtTextOutW
DeleteObject
LineTo
CreateFontIndirectW
GetTextExtentPoint32W
CreateSolidBrush
GetObjectW
GetStockObject
CreateSolidBrush
CreateSolidBrush
PatBlt
GetTextMetricsW
GetTextMetricsW
PatBlt
GetDeviceCaps
GetTextExtentPoint32W
GetStockObject
DeleteDC
TextOutW
CreateFontIndirectW
CreateCompatibleBitmap
CreateCompatibleBitmap
GetTextExtentPoint32W
DeleteDC
TextOutW
DeleteDC
DeleteDC
GetTextMetricsW
ExtTextOutW
DeleteObject
ExtTextOutW
TextOutW
CreateBitmap
GetObjectW
LineTo
DeleteDC
DeleteDC
GetTextMetricsW
GetTextExtentPoint32W
GetDeviceCaps
ExtTextOutW
CreateFontIndirectW
CreateCompatibleBitmap
GetTextMetricsW
GetObjectW
GetDeviceCaps
GetTextExtentPoint32W
CreateSolidBrush
MoveToEx
TextOutW
GetTextExtentPoint32W
GetTextExtentPoint32W
StretchBlt
CreateFontIndirectW
TextOutW
GetDeviceCaps
LineTo
PatBlt
TextOutW
GetTextMetricsW
GetTextMetricsW
BitBlt
StretchBlt
LineTo
CreateFontIndirectW
CreateSolidBrush
CreateBitmap
CreateFontIndirectW
LineTo
CreateCompatibleBitmap
GetObjectW
CreateCompatibleBitmap
CreateFontIndirectW
PatBlt
MoveToEx
LineTo
GetTextExtentPoint32W
GetDeviceCaps
CreateCompatibleDC
GetTextMetricsW
PatBlt
CreateBitmap
StretchBlt
CreateBitmap
CreateCompatibleBitmap
PatBlt
GetTextExtentPoint32W
GetDeviceCaps
LineTo
BitBlt
DeleteObject
GetObjectW
StretchBlt
CreateCompatibleDC
CreateSolidBrush
MoveToEx
GetStockObject
GetTextMetricsW
TextOutW
CreateSolidBrush
GetTextExtentPoint32W
GetStockObject
CreateCompatibleDC
CreateCompatibleDC
GetTextExtentPoint32W
GetTextExtentPoint32W
StretchBlt
GetStockObject
ExtTextOutW
GetObjectW
CreateSolidBrush
TextOutW
LineTo
DeleteDC
BitBlt
StretchBlt
GetObjectW
GetTextMetricsW
TextOutW
PatBlt
CreateBitmap
GetTextExtentPoint32W
GetTextExtentPoint32W
PatBlt
MoveToEx
GetTextExtentPoint32W
PatBlt
PatBlt
MoveToEx
GetTextMetricsW
GetObjectW
LineTo
ExtTextOutW
DeleteObject
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateFontIndirectW
LineTo
ExtTextOutW
GetStockObject
TextOutW
TextOutW
GetDeviceCaps
TextOutW
CreateFontIndirectW
LineTo
GetTextExtentPoint32W
PatBlt
GetDeviceCaps
DeleteObject
CreateCompatibleBitmap
CreateSolidBrush
DeleteObject
BitBlt
GetTextMetricsW
GetDeviceCaps
CreateCompatibleBitmap
MoveToEx
CreateCompatibleBitmap
TextOutW
LineTo
GetTextMetricsW
GetTextExtentPoint32W
ExtTextOutW
GetObjectW
StretchBlt
GetDeviceCaps
DeleteDC
CreateSolidBrush
GetDeviceCaps
BitBlt
MoveToEx
GetObjectW
DeleteDC
CreateBitmap
TextOutW
GetStockObject
GetStockObject
CreateBitmap
CreateBitmap
GetTextExtentPoint32W
TextOutW
CreateSolidBrush
MoveToEx
StretchBlt
StretchBlt
DeleteObject
GetObjectW
GetTextExtentPoint32W
CreateBitmap
GetTextExtentPoint32W
MoveToEx
DeleteObject
LineTo
GetTextExtentPoint32W
CreateCompatibleBitmap
DeleteDC
MoveToEx
GetTextExtentPoint32W

kernel32

GetBinaryTypeA
QueryPerformanceCounter
Process32First
GetProcessShutdownParameters
LoadLibraryExW
EnumSystemLocalesW
Process32First
GetProcessAffinityMask
SetCommMask
lstrcpynA
QueryPerformanceCounter
SetHandleInformation
SearchPathA
GlobalAddAtomA
CopyFileW
SetHandleInformation
Toolhelp32ReadProcessMemory
GetProcessAffinityMask
GetProcessShutdownParameters
QueryPerformanceCounter
ReadFileEx
SetCommMask
QueryPerformanceCounter
EndUpdateResourceA
SetNamedPipeHandleState
ClearCommBreak
GlobalUnlock
MultiByteToWideChar
SetNamedPipeHandleState
WritePrivateProfileSectionA
QueryPerformanceCounter
QueryPerformanceCounter
SetThreadExecutionState
AllocConsole
EnumSystemLocalesW
FindCloseChangeNotification
SetHandleInformation
IsBadWritePtr
ReadFileEx
SearchPathA
GetPrivateProfileSectionA
AssignProcessToJobObject
GetProfileIntA
PrepareTape
CreatePipe
_lcreat
QueryPerformanceCounter
QueryPerformanceCounter
QueryPerformanceCounter
GetBinaryTypeA
ClearCommBreak
WriteProfileSectionA
GetSystemInfo
GetTimeFormatW
SetUnhandledExceptionFilter
CreatePipe
QueryPerformanceCounter
QueryPerformanceCounter
GlobalUnlock
GetPrivateProfileSectionA
QueryPerformanceCounter
SetNamedPipeHandleState
QueryPerformanceCounter
QueryPerformanceCounter
VirtualProtect
QueryPerformanceCounter
SetNamedPipeHandleState
GetPrivateProfileSectionA
AllocConsole
SetThreadExecutionState

Sections

.text
Size: 165KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nbmh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ktqr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flaf
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.blob
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dlrx
Size: 22KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

63330b7281c828d7037c5a32ec4c21e0

Headers

File Characteristics

Imports

gdi32

kernel32

Sections

.text Size: 165KB - Virtual size: 348KB

.data Size: 4KB - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 4KB

.text Size: 4KB - Virtual size: 4KB

.idata Size: 7KB - Virtual size: 8KB

.nbmh Size: 4KB - Virtual size: 4KB

.ktqr Size: 4KB - Virtual size: 4KB

.flaf Size: 4KB - Virtual size: 4KB

.blob Size: 1024B - Virtual size: 4KB

.dlrx Size: 22KB - Virtual size: 32KB

.text
Size: 165KB - Virtual size: 348KB

.data
Size: 4KB - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

.idata
Size: 7KB - Virtual size: 8KB

.nbmh
Size: 4KB - Virtual size: 4KB

.ktqr
Size: 4KB - Virtual size: 4KB

.flaf
Size: 4KB - Virtual size: 4KB

.blob
Size: 1024B - Virtual size: 4KB

.dlrx
Size: 22KB - Virtual size: 32KB