4091216f65f2e209411405fa2e93b35274fefc65c2bf95cebd98b4db5cf006ad

Sharing

Copy URL Twitter E-mail

General

Target

4091216f65f2e209411405fa2e93b35274fefc65c2bf95cebd98b4db5cf006ad
Size

873KB
MD5

3783315e46f4ae871a855caafe5612d0
SHA1

b08023416e7373c26d568f9d4f0d3e322ec84148
SHA256

4091216f65f2e209411405fa2e93b35274fefc65c2bf95cebd98b4db5cf006ad
SHA512

101cb4bf0c2492b666e92790c24c63aa1ce47a45e6ae4f507489938dbdb027bef577b3f2e547008ef6064a19ecddae22f487fc3ef86a8b58eb42e579b7c1c7ab
SSDEEP

12288:FRPpn8xxmzRK5FxzLRPGgutmyvmVHxAEUhOTewx6SUQJH1:rcAzRQFR+gGmyvmVHlUmx/V

Score

N/A

Malware Config

Signatures

Files

4091216f65f2e209411405fa2e93b35274fefc65c2bf95cebd98b4db5cf006ad
.exe windows x86

d16e9073428f2b62f9f02cb3a3d2a3e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
FindFirstFileW
MoveFileW
DeleteFileW
TlsAlloc
GetFileAttributesExW
GetModuleFileNameW
GetFileAttributesW
GetCommandLineW
VerSetConditionMask
VerifyVersionInfoW
GetStdHandle
GetFileType
SetLastError
GetConsoleOutputCP
GetModuleHandleA
Sleep
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
GetModuleFileNameA
MultiByteToWideChar
lstrlenW
DisableThreadLibraryCalls
GetVersionExW
CreateEventW
CloseHandle
SetEvent
WaitForSingleObject
GetProcessHeap
TlsFree
InterlockedIncrement
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcmpW
SetThreadPriority
IsProcessorFeaturePresent
DebugBreak
QueryPerformanceFrequency
MulDiv
HeapAlloc
InterlockedCompareExchange
CreateEventA
WideCharToMultiByte
OutputDebugStringA
RtlUnwind
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetVersion
LocalAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
SystemTimeToFileTime
GlobalMemoryStatus
GetConsoleAliasExesLengthW
AddConsoleAliasW
GetLocalTime
CreateFileW
SetFilePointerEx
TlsSetValue
FreeLibrary
OutputDebugStringW
GetStartupInfoA
CreateFileA
ExitProcess
CreateDirectoryExW
HeapFree
ExitThread
GetConsoleAliasesW

user32

EnumDisplayMonitors
FillRect
GetDC
GetDesktopWindow
EnumDisplaySettingsW
InvalidateRect
EnumDisplayDevicesW
IsIconic
MapWindowPoints
MonitorFromWindow
DefWindowProcW
SetForegroundWindow
SetWindowLongW
MonitorFromRect
GetForegroundWindow
GetWindowRect
RegisterClassW
CreateWindowExW
IsWindow
CharNextA
LoadStringW
IntersectRect

advapi32

IsTextUnicode
RegCloseKey
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExW
RegQueryValueExW

ole32

CoTaskMemAlloc
CoTaskMemFree
PropVariantCopy
CoCreateInstance
CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries

msvcrt

malloc
free

winmm

timeBeginPeriod
timeEndPeriod

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d16e9073428f2b62f9f02cb3a3d2a3e3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

winmm

Sections

.text Size: 120KB - Virtual size: 119KB

.idata Size: 8KB - Virtual size: 4KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 108KB - Virtual size: 2.7MB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 120KB - Virtual size: 119KB

.idata
Size: 8KB - Virtual size: 4KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 108KB - Virtual size: 2.7MB

.rsrc
Size: 32KB - Virtual size: 28KB