813698301e15cfef64e9abcbcbc8a86a9ef9759f2b66f9f32966a4553eb2d467

Sharing

Copy URL Twitter E-mail

General

Target

813698301e15cfef64e9abcbcbc8a86a9ef9759f2b66f9f32966a4553eb2d467
Size

782KB
MD5

3b427a9b6634a3755e7329956bdb2270
SHA1

b14e613f64b65c6d55888d7f132ec38d1a122aca
SHA256

813698301e15cfef64e9abcbcbc8a86a9ef9759f2b66f9f32966a4553eb2d467
SHA512

0d37b18cc187eb76d55329b8366df5ca8b8e350f5539d0f18c0835c3e23625804ade8e89356edbadfbf66cc7189fef3ecd200c6ca01e8ef5cd30db06b9b7e432
SSDEEP

12288:eSzOXmqLLVnzBtb9MBvWvSzuP6qqiNre7u:eLXFVntJWcWuP8iWu

Score

N/A

Malware Config

Signatures

Files

813698301e15cfef64e9abcbcbc8a86a9ef9759f2b66f9f32966a4553eb2d467
.exe windows x86

2f9e8934c1044f287326426bc06e9c40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
FormatMessageA
FreeLibrary
FreeResource
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetExitCodeProcess
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetSystemDirectoryA
GetSystemInfo
GetTempFileNameA
GetTempPathA
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
FindNextFileA
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
ReadFile
RemoveDirectoryA
ResetEvent
SetCurrentDirectoryA
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SizeofResource
TerminateThread
WaitForSingleObject
WriteFile
_lclose
_llseek
_lopen
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
FindFirstFileA
FindClose
ExitProcess
DosDateTimeToFileTime
DeleteFileA
CreateThread
CreateProcessA
CreateMutexA
CreateFileA
CreateEventA
CreateDirectoryA
CloseHandle
GetDriveTypeA
VirtualAllocEx
Sleep
IsDBCSLeadByte
GetModuleHandleA

user32

GetWindowRect
LoadStringA
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetForegroundWindow
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
wsprintfA
GetWindowLongA
GetDlgItemTextA
GetDlgItem
GetDesktopWindow
GetDC
ExitWindowsEx
EndDialog
EnableWindow
DispatchMessageA
DialogBoxIndirectParamA
CharUpperA
CharPrevA
CharNextA
CallWindowProcA
LoadCursorW
GetSysColor
LoadIconA

gdi32

GetDeviceCaps

advapi32

LookupPrivilegeValueA
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
AllocateAndInitializeSid
EqualSid
FreeSid
GetTokenInformation
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA

winmm

timeGetTime

Sections

.text
Size: 669KB - Virtual size: 669KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tfffa0
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f9e8934c1044f287326426bc06e9c40

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winmm

Sections

.text Size: 669KB - Virtual size: 669KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 20KB

.tfffa0 Size: 8KB - Virtual size: 7KB

.rsrc Size: 58KB - Virtual size: 57KB

.text
Size: 669KB - Virtual size: 669KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 20KB

.tfffa0
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 58KB - Virtual size: 57KB