Static task: static1
Behavioral task: behavioral1
  Sample: a2765bb6aa0bde214ea2274f7959e28764d402bc14e33ea2bb466236e26dc1ff.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: a2765bb6aa0bde214ea2274f7959e28764d402bc14e33ea2bb466236e26dc1ff.exe
  Resource: win10v2004-20220812-en
General
Target: a2765bb6aa0bde214ea2274f7959e28764d402bc14e33ea2bb466236e26dc1ff
Size: 203KB
MD5: 22e475056fea648d9c7a5bb0d3eb7291
SHA1: e1ef96afef7fa01444d048bd725d75c31b3afc87
SHA256: a2765bb6aa0bde214ea2274f7959e28764d402bc14e33ea2bb466236e26dc1ff
SHA512: f2aedfb09f9e7b00e90a26cb9f41e9909b535b7bcc9bda77ec3283f7a5491cc59303b2611beb0727b7335743510c63d93a2949961321bb60b0140a3bada35117
SSDEEP: 6144:c93byqXWYoLmZFN44UTXUxlWy1qdvxFUb0sYgB:clbXmrmwExx30sJ
Malware Config: none listed
Signatures: none listed
Files
a2765bb6aa0bde214ea2274f7959e28764d402bc14e33ea2bb466236e26dc1ff.exe (windows x86)
14c1c107a60087c315e2d09220e0ca6b (unlabelled on the page; this is the slot Triage's static report uses for the import hash)
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
Imports
(Note: the kernel32, user32 and gdi32 lists below run to roughly 300 names for a 33KB code section and include display-driver DDI routines such as Eng*, XLATEOBJ_* and DdEntry*, plus VDM, tape and mailslot APIs. That mix is consistent with import-table padding, so treat the import hash as weak evidence for clustering.)
msvcrt
_strlwr
free
_initterm
malloc
_resetstkoflw
memcpy
memset
wcslen
wcscmp
wcscpy
wcscat
kernel32
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DelayLoadFailureHook
RtlMoveMemory
LocalAlloc
CloseHandle
GetCurrentThread
HeapReAlloc
Sleep
MultiByteToWideChar
GetVersionExA
GetSystemDirectoryW
CreateFileW
FindFirstFileExW
WriteFile
GetFileSize
DeleteFileW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
WideCharToMultiByte
FindNextFileW
LoadLibraryExA
SizeofResource
LoadResource
FindResourceA
ReadFile
_lclose
SetFilePointer
OpenFile
InterlockedCompareExchange
lstrcpyW
HeapAlloc
GetProcessHeap
HeapFree
GetModuleFileNameA
DeleteCriticalSection
IsBadWritePtr
lstrcmpiA
lstrcmpA
InitializeCriticalSection
LoadLibraryA
GetProcAddress
lstrcpyA
FreeLibrary
LocalFree
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
lstrlenA
FindClose
SetLastError
GetLastError
VirtualAllocEx
SetVolumeLabelW
CancelIo
SetHandleContext
QueryInformationJobObject
SetUserGeoID
CancelDeviceWakeupRequest
LocalLock
SwitchToFiber
SetConsoleCursor
lstrcmpW
GetConsoleCharType
SearchPathA
GlobalHandle
EnumResourceNamesA
HeapValidate
CreateWaitableTimerA
FreeConsole
SetVDMCurrentDirectories
GetUserGeoID
GetModuleHandleExW
SetConsoleTitleW
UnregisterWait
GetFileTime
EscapeCommFunction
CreateDirectoryExA
GetFirmwareEnvironmentVariableW
GetNumaProcessorNode
SetConsoleWindowInfo
SetTapeParameters
GetLongPathNameA
WriteTapemark
DebugBreakProcess
HeapWalk
TzSpecificLocalTimeToSystemTime
GlobalAddAtomW
OpenJobObjectA
SetProcessWorkingSetSize
Process32FirstW
lstrcmpiW
RemoveDirectoryA
CreateMailslotA
CopyFileExW
EndUpdateResourceW
GetPriorityClass
GetNextVDMCommand
DnsHostnameToComputerNameW
SetComputerNameExA
BaseCheckAppcompatCache
IsValidCodePage
BackupRead
ZombifyActCtx
WritePrivateProfileSectionW
SetFileTime
ReadConsoleW
GetStringTypeW
SetCalendarInfoW
Thread32First
WriteConsoleInputA
GetNumberOfConsoleMouseButtons
AddConsoleAliasA
CreateDirectoryW
ClearCommBreak
DebugActiveProcessStop
FileTimeToDosDateTime
GetCommandLineA
GetModuleHandleA
GetCurrentDirectoryA
GetTempPathA
advapi32
GetFileSecurityW
SetFileSecurityW
GetSecurityDescriptorControl
GetSecurityDescriptorLength
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
MakeSelfRelativeSD
GetAclInformation
GetAce
FreeSid
SystemFunction041 (RtlDecryptMemory)
SystemFunction040 (RtlEncryptMemory)
OpenThreadToken
OpenProcessToken
GetTokenInformation
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
EqualSid
SetThreadToken
RevertToSelf
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
PrivilegeCheck
LookupPrivilegeValueA
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyA
AdjustTokenPrivileges
ImpersonateSelf
RegCreateKeyExA
RegSetValueExA
GetUserNameA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegGetKeySecurity
RegCloseKey
RegQueryValueExA
MD5Final (undocumented advapi32 MD5 export)
MD5Update
MD5Init
A_SHAFinal (undocumented advapi32 SHA-1 export)
A_SHAUpdate
A_SHAInit
RegDeleteValueA
SystemFunction036 (RtlGenRandom)
AddAccessAllowedAce
ntdll
NtClose
RtlFreeHeap
NtCreateFile
RtlDosPathNameToNtPathName_U
RtlAllocateHeap
RtlImageNtHeader
RtlNtStatusToDosError
user32
LoadStringW
wsprintfA
wsprintfW
GetClassLongW
OemKeyScan
SetUserObjectInformationW
ValidateRect
BroadcastSystemMessage
LoadBitmapW
OemToCharBuffW
GetGUIThreadInfo
CreateSystemThreads
SetWindowWord
LoadAcceleratorsW
GetOpenClipboardWindow
ReplyMessage
GetWindowContextHelpId
GetKeyState
MenuItemFromPoint
DdeInitializeW
GetTaskmanWindow
GetWindowThreadProcessId
WinHelpA
IMPSetIMEW
ToUnicode
SwitchToThisWindow
ChildWindowFromPoint
DeferWindowPos
MessageBoxExA
BroadcastSystemMessageW
SetCaretPos
GetClassLongA
CharPrevExA
LoadImageW
MoveWindow
SystemParametersInfoW
TrackPopupMenu
GetDoubleClickTime
GetClipboardViewer
RegisterWindowMessageA
SetWindowContextHelpId
MessageBoxIndirectW
SetMessageQueue
GetClientRect
InvalidateRect
UserRealizePalette
SendMessageW
QuerySendMessage
GetKeyboardLayoutList
WINNLSGetIMEHotkey
ShowWindowAsync
TrackPopupMenuEx
GetForegroundWindow
SetWindowsHookExW
ReleaseCapture
TileWindows
EnumDisplaySettingsW
DialogBoxIndirectParamW
MonitorFromRect
CreateDesktopW
DispatchMessageA
GetMenuItemID
RemovePropW
SetCaretBlinkTime
LoadIconW
RegisterDeviceNotificationW
MessageBoxIndirectA
IMPSetIMEA
DrawCaption
GetKeyboardLayoutNameW
ValidateRgn
CharNextW
GetAltTabInfo
UnregisterHotKey
ScrollWindowEx
BroadcastSystemMessageA
IsRectEmpty
GetQueueStatus
FrameRect
UnregisterClassA
GetTitleBarInfo
LoadKeyboardLayoutEx
GetWindowRgn
CreateDesktopA
SetThreadDesktop
CloseDesktop
gdi32
GetStockObject
SetViewportExtEx
GetMetaRgn
CreateDIBPatternBrush
bInitSystemAndFontsDirectoriesW
FixBrushOrgEx
SetBrushAttributes
TextOutW
EngLockSurface
GdiComment
StretchBlt
SetVirtualResolution
DdEntry38
EngCreateDeviceSurface
RemoveFontResourceTracking
GdiConvertBitmapV5
GetBitmapAttributes
Arc
CreateICW
GdiArtificialDecrementDriver
CreateScalableFontResourceW
DdEntry16
GdiIsPlayMetafileDC
AngleArc
ResetDCW
DdEntry32
DdEntry56
GdiPlayJournal
SetMapMode
GdiDeleteSpoolFileHandle
StartFormPage
SetStretchBltMode
gdiPlaySpoolStream
RectVisible
XLATEOBJ_cGetPalette
CreateFontIndirectW
RemoveFontResourceExW
GdiPlayEMF
EnumFontFamiliesA
GetOutlineTextMetricsW
GetETM
SetBrushOrgEx
GetTextFaceW
bMakePathNameW
GdiQueryTable
EngAlphaBlend
GetViewportExtEx
EngAssociateSurface
EnumFontFamiliesExA
GetLogColorSpaceW
GetKerningPairsW
GetNearestColor
GdiGetCharDimensions
DdEntry13
GetEnhMetaFilePaletteEntries
SetColorAdjustment
GdiGetLocalDC
GetCharABCWidthsW
CreateRectRgn
GetObjectW
BRUSHOBJ_ulGetBrushColor
GdiRealizationInfo
EngUnlockSurface
GetPaletteEntries
SetPolyFillMode
CreateMetaFileW
XLATEOBJ_piVector
PlayMetaFile
EngQueryLocalTime
GdiGetDevmodeForPage
TranslateCharsetInfo
PATHOBJ_vGetBounds
SetViewportOrgEx
CreateDIBPatternBrushPt
TextOutA
EngLineTo
GetStringBitmapA
SetPixelV
ClearBrushAttributes
DdEntry22
DdEntry19
SetDIBits
GetOutlineTextMetricsA
FillRgn
FillPath
ScaleWindowExtEx
Sections
.text Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 2KB - Virtual size: 2.8MB (virtual size roughly 1400x the raw size: the loader maps a large zero-filled region the file does not supply, a pattern seen in packed and self-decrypting images)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dat� Size: 140KB - Virtual size: 341KB (section name contains a non-printable byte, rendered here as �; like .idata, the region grows at load time)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
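The two static checks an analyst would run over the tables above, as an added Python example that is not part of the Triage report or of the sample: a section-table sanity pass over the sizes listed above (it flags the 2KB-raw/2.8MB-virtual gap in .idata and the non-printable byte in the .dat� name), and the pefile-style imphash normalisation applied to a constructed excerpt of the import table, followed by a name-pattern filter for the junk-looking imports. The excerpt, the junk patterns and the 2x size-ratio threshold are this example's own assumptions; the excerpt is deliberately partial, so the hash it yields is not the value the page lists.

```python
import hashlib
import re

# Section table as printed in the report above, sizes converted from the page's
# KB/MB figures to bytes (so 2.8MB is approximate). Flag names abbreviated.
SECTIONS = [
    (".text",      33 * 1024,  33 * 1024,              {"CODE", "EXECUTE", "READ"}),
    (".rdata",     10 * 1024,  10 * 1024,              {"INITIALIZED_DATA", "DISCARDABLE", "READ"}),
    (".idata",      2 * 1024,  int(2.8 * 1024 * 1024), {"INITIALIZED_DATA", "READ", "WRITE"}),
    (".dat\ufffd", 140 * 1024, 341 * 1024,             {"INITIALIZED_DATA", "READ", "WRITE"}),
    (".rsrc",       2 * 1024,   2 * 1024,              {"INITIALIZED_DATA", "READ"}),
    (".reloc",      4 * 1024,   4 * 1024,              {"INITIALIZED_DATA", "DISCARDABLE", "READ"}),
]


def section_anomalies(sections, ratio_threshold=2.0):
    """Map section name -> reasons it deserves a closer look.

    Heuristics are this example's own (assumptions), not the sandbox's signatures:
      * virtual size >= ratio_threshold x raw size: the loader reserves a
        zero-filled region the file does not supply; unpacking stubs use it;
      * a non-printable byte in the name: compilers emit ASCII names;
      * writable + executable: a region code can rewrite and then run.
    """
    findings = {}
    for name, raw, virt, flags in sections:
        reasons = []
        if raw and virt / raw >= ratio_threshold:
            reasons.append(f"virtual size is {virt / raw:.1f}x raw size")
        if any(not 32 <= ord(c) < 127 for c in name):
            reasons.append("non-printable byte in section name")
        if {"EXECUTE", "WRITE"} <= flags:
            reasons.append("writable and executable")
        if reasons:
            findings[name] = reasons
    return findings


# Constructed excerpt of the report's import table, in page order, with DLL names
# as they would appear in the raw import directory (mixed case, with extension).
# Partial on purpose: its hash is NOT the sample's; feed the full table to imphash().
IMPORTS_EXCERPT = [
    ("msvcrt.dll",   ["_strlwr", "free", "_initterm", "malloc"]),
    ("KERNEL32.dll", ["SetUnhandledExceptionFilter", "SetVDMCurrentDirectories",
                      "GetNextVDMCommand", "CreateMailslotA", "SwitchToFiber",
                      "BaseCheckAppcompatCache", "ZombifyActCtx"]),
    ("ADVAPI32.dll", ["SystemFunction036", "SystemFunction040", "SystemFunction041",
                      "A_SHAInit", "MD5Init"]),
    ("GDI32.dll",    ["GetStockObject", "bInitSystemAndFontsDirectoriesW",
                      "EngLockSurface", "DdEntry38", "XLATEOBJ_cGetPalette",
                      "gdiPlaySpoolStream"]),
]


def imphash_string(imports):
    """Normalised string that pefile's imphash hashes: DLL lowercased with
    .dll/.ocx/.sys stripped, function lowercased (ordinals as ordN), one
    'dll.func' entry per import, comma-joined in import-directory order.
    pefile's ordinal-to-name tables for ws2_32/oleaut32 are omitted here."""
    parts = []
    for dll, funcs in imports:
        dll = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if dll.endswith(ext):
                dll = dll[: -len(ext)]
                break
        for func in funcs:
            name = f"ord{func}" if isinstance(func, int) else func.lower()
            parts.append(f"{dll}.{name}")
    return ",".join(parts)


def imphash(imports):
    """MD5 of the normalised import string; order-sensitive by design."""
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()


# Name patterns ordinary application code almost never imports. Dozens of them
# beside a 33KB .text section suggest a padded import table, which also makes
# the imphash useless for clustering. Patterns are this example's assumption.
JUNK_IMPORT_PATTERNS = [
    re.compile(r"^DdEntry\d+$"),                        # gdi32 DirectDraw thunks
    re.compile(r"^(Eng|XLATEOBJ_|BRUSHOBJ_|PATHOBJ_)"),  # display-driver DDI entry points
    re.compile(r"^(b|gdi)[A-Z]"),                       # gdi32 internals (bMakePathNameW, ...)
    re.compile(r"VDM|Tape|Mailslot|Fiber|ZombifyActCtx|BaseCheckAppcompatCache"),
]


def suspicious_imports(imports):
    """Return (dll, function) pairs whose names match JUNK_IMPORT_PATTERNS."""
    return [(dll, f) for dll, funcs in imports for f in funcs
            if isinstance(f, str) and any(p.search(f) for p in JUNK_IMPORT_PATTERNS)]


if __name__ == "__main__":
    for name, reasons in section_anomalies(SECTIONS).items():
        print(f"{name!r}: {'; '.join(reasons)}")
    print("imphash of excerpt:", imphash(IMPORTS_EXCERPT))
    for dll, func in suspicious_imports(IMPORTS_EXCERPT):
        print(f"junk-looking import: {dll} -> {func}")
```

To apply this to the real file rather than the page's tables, replace SECTIONS and IMPORTS_EXCERPT with the output of pefile (`pe.sections` and `pe.DIRECTORY_ENTRY_IMPORT`); with the complete import list in directory order, imphash() reproduces pefile's `get_imphash()` except for its ordinal-name lookup.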