ff4a4138551ab0f0bb1804515ae669b686e09bd8f5fa5d2eee31f46e960e837d

Sharing

Copy URL Twitter E-mail

General

Target

ff4a4138551ab0f0bb1804515ae669b686e09bd8f5fa5d2eee31f46e960e837d
Size

440KB
MD5

82137b6f3b38e920567bc228ff6b3f36
SHA1

5905e4180491a62f9a7b1523eb3b1b8d23281f01
SHA256

ff4a4138551ab0f0bb1804515ae669b686e09bd8f5fa5d2eee31f46e960e837d
SHA512

0b5becaa46f88b2fc3e683c1e8490b836be5dd53525bfd3bedc0bfe4665f7449455868923fe9d3fd8efcc51f1af9fcc614c9b04613f9625727bc9ed5fd699362
SSDEEP

6144:UzZ8hk+Ji+F5wEnUC+9yVDk2k3IDXeSTNYEfMfVJeax3NEP96:UzOhkIi+PwEn4gfkiXYxxN296

Score

N/A

Malware Config

Signatures

Files

ff4a4138551ab0f0bb1804515ae669b686e09bd8f5fa5d2eee31f46e960e837d
.exe windows x86

3b2b94c61325b1fdc08abac31972f2db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

CreateFileA
LockResource
SizeofResource
GetModuleFileNameA
GetPrivateProfileStringA
ExitProcess
LocalFree
LocalSize
LocalAlloc
lstrlenA
FormatMessageA
FindClose
FindNextFileA
lstrcmpiA
FindFirstFileA
lstrcatA
lstrcpyA
GetLastError
CreateTimerQueue
CreateFileW
FlushFileBuffers
GetStringTypeW
LCMapStringW
WriteConsoleW
SetStdHandle
WriteFile
IsValidCodePage
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetLocalTime
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
InterlockedIncrement
CloseHandle
GetProcAddress
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThread
GetCurrentProcess
SetLastError
FreeLibrary
HeapCreate
GlobalAlloc
GlobalLock
GlobalUnlock
HeapFree
HeapReAlloc
MulDiv
GetTimeFormatW
LoadLibraryA
GetDateFormatW
GetLocaleInfoA
SetupComm
GetCommState
SetCommState
SetCommTimeouts
InterlockedDecrement
GetProcessHeap
HeapAlloc
GetUserDefaultLangID
FindResourceExA
GetOEMCP
FindResourceA
LoadResource
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsProcessorFeaturePresent
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
GetModuleHandleW
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleA
GetTickCount

user32

BeginPaint
GetClientRect
SendMessageW
GetWindow
SetMenu
EnumWindowStationsW
KillTimer
LoadImageA
CheckMenuItem
GetMenu
SetWindowTextW
CreateWindowExW
GetWindowTextW
MessageBoxA
InsertMenuItemA
GetDlgItem
SetWindowTextA
LoadIconA
SetFocus
SendMessageA
CheckRadioButton
GetWindowTextA
EndDialog
SendDlgItemMessageA
SetDlgItemTextA
CheckDlgButton
ShowWindow
OemToCharA
wsprintfA
SetRect
FillRect
EndPaint
PostQuitMessage
DefWindowProcA
FindWindowA
SetWindowLongA
CreateWindowExA
DestroyWindow
GetWindowTextLengthW

gdi32

DeleteObject
SetMapMode
DeleteDC
StartDocW
GetDeviceCaps
CreateFontIndirectW
SelectObject
EndDoc
GetObjectA
CreateCompatibleDC
StretchBlt
BitBlt
SetTextColor
CreateSolidBrush

comdlg32

PrintDlgW

advapi32

EqualSid
GetSidSubAuthority
GetUserNameW
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
GetSidIdentifierAuthority
FreeSid
LsaAddAccountRights
LsaRemoveAccountRights
IsValidSid
GetSidSubAuthorityCount

ole32

CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
OleGetClipboard
ReleaseStgMedium

oleaut32

SysFreeString
VariantInit
SysStringLen
VariantClear
SysAllocString
VariantChangeType

netapi32

NetUserGetInfo
NetApiBufferFree

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

crypt32

CertGetNameStringA

shlwapi

PathIsRelativeW
PathFileExistsW

msi

ord204

dxva2

GetTimingReport

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b2b94c61325b1fdc08abac31972f2db

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

netapi32

version

crypt32

shlwapi

msi

dxva2

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 282KB - Virtual size: 281KB

.data Size: 20KB - Virtual size: 27KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 282KB - Virtual size: 281KB

.data
Size: 20KB - Virtual size: 27KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 8KB - Virtual size: 8KB