5ef143e620b8d9f1dd299fbf8710ee273db02981d5102c2d4793c6b29d385a25

Sharing

Copy URL Twitter E-mail

General

Target

5ef143e620b8d9f1dd299fbf8710ee273db02981d5102c2d4793c6b29d385a25
Size

752KB
MD5

0cf6b6270bd861101ef5b4b6f770a7a4
SHA1

4414e7284efb1ca305f6a4e79640e992cfe91fd6
SHA256

5ef143e620b8d9f1dd299fbf8710ee273db02981d5102c2d4793c6b29d385a25
SHA512

4931af9a7985c451eb49fec2aa068eeb3f141f147047cec24d142578f5184cb89984883cce48a1b6e5d29b1004d21fd70958cd91968af9e2c10c3ab4d696e5e0
SSDEEP

12288:S5vVQy9MIJ/WEX1P0MDSFm+MegSO7Th8Wqt9HpbX5ASGfKkyyMLE6MW1AUkBPnnv:iQyaIJ/7/EmR9FTm9Jb5ASGfKkTMLE6W

Score

N/A

Malware Config

Signatures

Files

5ef143e620b8d9f1dd299fbf8710ee273db02981d5102c2d4793c6b29d385a25
.exe windows x86

e93d5ebf80cb51612c0355fdcd291f5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??3@YAXPAX@Z
_purecall
??2@YAPAXI@Z
wcslen
wcsstr
_resetstkoflw
free
malloc
wcsncpy
wcschr
iswspace
_errno
wcstoul
_vsnwprintf
wcsncmp
_wcslwr
_ultow
wcsrchr
wcscmp
_wcsicmp
rand
srand
_endthreadex
_beginthreadex
realloc
wcscpy
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyW
RegCloseKey
GetUserNameW

kernel32

SetLastError
RaiseException
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalSize
SetProcessWorkingSetSize
HeapCreate
HeapDestroy
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
GetVersionExW
CloseHandle
CreateFileW
InterlockedIncrement
InterlockedDecrement
CompareStringW
WaitForSingleObject
CreateMutexW
GetCurrentThreadId
GetCommandLineW
GetWindowsDirectoryW
ReadFile
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExW
GetModuleHandleW
GetLocaleInfoA
LockResource
LoadResource
FindResourceExW
FindClose
FindNextFileW
FindFirstFileW
lstrcpynW
lstrlenW
OutputDebugStringW
ResetEvent
WaitForMultipleObjects
SetEvent
CreateEventW
GetSystemDefaultLangID
TerminateThread
CreateThread
IsBadReadPtr
MulDiv
CreateFileA
LCMapStringW
GetModuleFileNameW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
SizeofResource
lstrcmpiW
lstrcpyW
lstrcatW
FindResourceW
GetStringTypeExW
GetStringTypeExA
InterlockedCompareExchange
LoadLibraryA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetACP
GetTickCount
Sleep
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
IsBadWritePtr
lstrlenA
DelayLoadFailureHook

gdi32

GetStockObject
FillPath
FrameRgn
CreateSolidBrush
EndPath
LineTo
MoveToEx
SetPolyFillMode
BeginPath
Ellipse
RoundRect
CreatePen
CreateCompatibleBitmap
SetTextColor
SetBkMode
TranslateCharsetInfo
DeleteDC
CreateCompatibleDC
GetRgnBox
CreateRectRgn
GdiFlush
StretchDIBits
SetStretchBltMode
ExtCreateRegion
GetRegionData
CreateFontW
GetDeviceCaps
CreateFontIndirectW
CombineRgn
SetRectRgn
GetSystemPaletteEntries
CreateDIBSection
CreatePalette
CreateHalftonePalette
SetBkColor
EnumFontFamiliesExW
GetTextAlign
ExtTextOutW
GetTextColor
GetTextExtentPointW
TextOutW
GetTextExtentPoint32W
FillRgn
DeleteObject
GetNearestPaletteIndex
GetPaletteEntries
GetObjectW
SelectPalette
RealizePalette
BitBlt
SetMapMode
SelectObject
GetTextMetricsW
SetTextAlign

user32

SetFocus
FindWindowW
FindWindowExW
GetUpdateRect
GetClientRect
GetSysColorBrush
FrameRect
DrawTextW
CharNextW
GetClassNameW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
DrawIconEx
MessageBeep
CallWindowProcW
IsDlgButtonChecked
SendDlgItemMessageW
CheckDlgButton
CheckRadioButton
GetDlgItem
SystemParametersInfoW
SetWindowTextW
MoveWindow
LoadIconW
CreatePopupMenu
PostMessageW
DestroyWindow
IsWindow
SetRectEmpty
GetSysColor
ReleaseDC
GetDC
IsWindowVisible
SetTimer
UpdateLayeredWindow
FillRect
ScrollDC
InflateRect
CopyRect
UpdateWindow
InvalidateRect
EndPaint
BeginPaint
SetWindowPos
SetRect
GetWindowRect
SetWindowRgn
IsWindowEnabled
ShowWindow
KillTimer
DefWindowProcW
SetWindowLongW
GetWindowLongW
CreateWindowExW
RegisterClassW
LoadCursorW
IsRectEmpty
GetWindowRgn
SetCapture
SendMessageW
AllowSetForegroundWindow
ClientToScreen
GetAsyncKeyState
ReleaseCapture
GetSystemMetrics
ScreenToClient
GetCursorPos
ValidateRect
GetCapture
PeekMessageW
EnableWindow
GetDoubleClickTime
SetCursor
RegisterClassExW
SendMessageTimeoutW
GetKeyboardState
RegisterHotKey
UnregisterHotKey
LoadImageW
GetForegroundWindow
PostQuitMessage
DispatchMessageW
TranslateMessage
IsDialogMessageW
GetMessageW
wsprintfW
GetKeyNameTextW
MapVirtualKeyW
IntersectRect
OffsetRect
PtInRect
WinHelpW
DestroyIcon
GetParent
RegisterWindowMessageW
SendNotifyMessageW
DrawEdge
DestroyMenu
keybd_event
GetKeyboardLayout
AppendMenuW
TrackPopupMenu
SetForegroundWindow
MessageBoxW

ole32

CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
OleInitialize
OleUninitialize
GetClassFile
CoUnmarshalInterface
CoInitialize
CoUninitialize
CoSuspendClassObjects
CoRegisterMessageFilter
CoMarshalInterface
CreateStreamOnHGlobal
CLSIDFromString
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemAlloc

oleaut32

SysAllocString
SysStringLen
VariantInit
SysFreeString
VariantClear
VariantCopy
VariantChangeType
LoadRegTypeLi
SetErrorInfo
VarI4FromStr
RegisterTypeLi
LoadTypeLi

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e93d5ebf80cb51612c0355fdcd291f5e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

ole32

oleaut32

Sections

.text Size: 216KB - Virtual size: 215KB

.data Size: 1024B - Virtual size: 4KB

.rsrc Size: 34KB - Virtual size: 34KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 216KB - Virtual size: 215KB

.data
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 34KB - Virtual size: 34KB

.vmp0
Size: 500KB - Virtual size: 1.6MB