bf369cb78a757736dcd5204fad53d7e0d1762588dd5cd3a0ef0b24701dcc2a67

Sharing

Copy URL

Twitter E-mail

General

Target

bf369cb78a757736dcd5204fad53d7e0d1762588dd5cd3a0ef0b24701dcc2a67
Size

152KB
MD5

0e17ae2220a7e86077fc35ed45a6a5f0
SHA1

34958c0fbaa08f7a939a9aa5fd4c093cf8706b0d
SHA256

bf369cb78a757736dcd5204fad53d7e0d1762588dd5cd3a0ef0b24701dcc2a67
SHA512

22fad3bb161e33196bab951bf86482ada2a5882ee0bd2305463654dc3c277eedaca237def2bfe39ab901c8c15704e65fd78a4116699cc676ca3cfb13c0c6692f
SSDEEP

3072:jd4Y+anqzT+OtGtaIfnvYF5wpLETSGBqbkAhG8f:jdbh46O4ts+GakAhd

Score

N/A

Malware Config

Signatures

Files

bf369cb78a757736dcd5204fad53d7e0d1762588dd5cd3a0ef0b24701dcc2a67
.exe windows x86

5de5b9586389759ee6c5da355e94fef9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

sti

StiCreateInstanceW

kernel32

CreateThread
CreateEventA
LeaveCriticalSection
RtlZeroMemory
Sleep
SetEvent
InterlockedIncrement
GetTickCount
WaitForMultipleObjects
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
ResetEvent
CreateProcessA
lstrcmpA
lstrcmpiA
SetLastError
FormatMessageA
IsBadReadPtr
GlobalGetAtomNameA
DuplicateHandle
OpenProcess
GetCurrentProcess
lstrlenA
GetVersionExA
DeviceIoControl
CreateFileA
SetEndOfFile
SetFilePointer
lstrcatA
GetWindowsDirectoryA
GetModuleFileNameA
lstrcpynA
FlushFileBuffers
GetCurrentThreadId
GetLocalTime
GetTimeFormatA
GetDateFormatA
WriteFile
GetFileInformationByHandle
LocalFree
ExitProcess
ReleaseMutex
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LocalReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
LocalAlloc
lstrcpyA
CreateMutexA
GetLastError
GetModuleHandleA
SetErrorMode
GetCurrentProcessId
RegisterServiceProcess
CloseHandle
WaitForSingleObject
InterlockedExchange
LCMapStringA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegQueryInfoKeyA
RegOpenKeyA
RegEnumValueA
RegSetValueExA
RegCloseKey
RegCreateKeyA

user32

MessageBoxA
CreateWindowExA
GetParent
RegisterClassExA
LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
GetMessageA
DefWindowProcA
BroadcastSystemMessage
PostQuitMessage
GetActiveWindow
SetWindowPlacement
GetWindowPlacement
CharUpperA
GetWindowLongA
BringWindowToTop
SetFocus
FindWindowA
SetWindowPos
GetSystemMetrics
SetScrollPos
ScrollWindow
UpdateWindow
SendMessageTimeoutA
wvsprintfA
CharNextA
LoadStringA
LoadStringW
DestroyWindow
KillTimer
SetTimer
SetWindowLongA
DialogBoxParamA
SetForegroundWindow
FlashWindowEx
IsWindow
EndDialog
GetForegroundWindow
SetWindowTextA
wsprintfA
GetDlgItem
GetWindowTextA
SendMessageA
ShowWindow
PostMessageA
GetClientRect
ReleaseDC
GetDC

gdi32

GetTextMetricsA

winmm

ord2

rpcrt4

UuidToStringA
NdrServerCall
RpcServerUnregisterIf
RpcStringFreeA
RpcMgmtWaitServerListen
RpcServerUseProtseqEpA
RpcMgmtStopServerListening
RpcServerListen
RpcServerRegisterIf

Exports

Exports

??0EVENT_LOG@@QAE@PBD@Z
??1EVENT_LOG@@QAE@XZ
?LogEvent@EVENT_LOG@@QAEXKGQAPAGK@Z
?LogEvent@EVENT_LOG@@QAEXKGQAPBDK@Z
?LogEventPrivate@EVENT_LOG@@AAEXKGGQAPBDK@Z

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 40KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5de5b9586389759ee6c5da355e94fef9

Headers

File Characteristics

Imports

sti

kernel32

advapi32

user32

gdi32

winmm

rpcrt4

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.data Size: 24KB - Virtual size: 21KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 16KB - Virtual size: 13KB

BSS Size: 40KB - Virtual size: 64KB

.text
Size: 60KB - Virtual size: 58KB

.data
Size: 24KB - Virtual size: 21KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 16KB - Virtual size: 13KB

BSS
Size: 40KB - Virtual size: 64KB