39b6b1ef37e2304dd7f04e6b9630be6e84759129e711393501a3ca09465a2bda

Sharing

Copy URL Twitter E-mail

General

Target

39b6b1ef37e2304dd7f04e6b9630be6e84759129e711393501a3ca09465a2bda
Size

1.0MB
MD5

07ea738119f3e44e48a7091ef97e2fd5
SHA1

746a328f96f786b7ef915d9e113e46d033235d1b
SHA256

39b6b1ef37e2304dd7f04e6b9630be6e84759129e711393501a3ca09465a2bda
SHA512

462e7aca8fde8681e63ab35bd845445b56b5e596c631761380c9de8ec6d3c05538d39b586dba265fe12cef26634fb6e318f6a53d4241547c142cb555df8dd75d
SSDEEP

24576:f3ew0+iQNJgU1vHM8aixWWHq8/QkG9z/43yamUeNgmA:f3e0imJg4M839Hq8/QkG9zg3y5/gB

Score

N/A

Malware Config

Signatures

Files

39b6b1ef37e2304dd7f04e6b9630be6e84759129e711393501a3ca09465a2bda
.exe windows x86

eea29ddf2cad0fcb29dacb28b4e9bf39

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleDC
GetObjectA
DPtoLP
CreateCompatibleBitmap
LPtoDP
SetMapMode
GetMapMode
SelectObject
BitBlt
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject

kernel32

FindNextFileA
FindFirstFileA
DeleteFileA
SetFileAttributesA
GetProcAddress
LoadLibraryA
GetTempPathA
GetVersionExA
GetModuleHandleA
GetLastError
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
CopyFileA
GetModuleFileNameA
GetTickCount
WriteFile
CreateFileA
GetWindowsDirectoryA
FreeLibrary
TerminateProcess
OpenProcess
GetTempFileNameA
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
lstrlenA
ContinueDebugEvent
SetThreadContext
GetThreadContext
WaitForDebugEvent
CreateProcessA
GetStartupInfoA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
FindClose
ResetEvent
ReadFile
GetSystemTime
GetExitCodeProcess
MoveFileA
GetCommandLineA
CreateMutexA
GetEnvironmentVariableA
Module32First
SetHandleInformation
CreatePipe
ReleaseMutex
FindResourceExA
SizeofResource
LockResource
LoadResource
FindResourceA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
CreateDirectoryA
LocalAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
RemoveDirectoryA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
SetEvent
WaitForSingleObject
Sleep
TerminateThread
CreateThread
CreateEventA
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetFullPathNameA
GetTimeZoneInformation
GetFileAttributesA
SetFilePointer
GetFileType
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetStdHandle
VirtualFree
HeapCreate
IsValidCodePage
GetOEMCP
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime
GetModuleHandleW
ExitProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetACP

user32

TranslateMessage
GetMessageA
ShowWindow
DispatchMessageA
RegisterClassExA
LoadCursorA
GetWindowDC
InvalidateRect
PostMessageA
UpdateWindow
CreateWindowExA
ReleaseDC
EndPaint
BeginPaint
CreateIconFromResourceEx
GetDC
GetSystemMetrics
GetTitleBarInfo
SetWindowTextA
GetDesktopWindow
GetWindowRect
MoveWindow
MessageBoxA
PostQuitMessage
SetFocus
DefWindowProcA

advapi32

RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CreateStreamOnHGlobal

shell32

Shell_NotifyIconA

shlwapi

PathFindExtensionA
PathFindExtensionW

gdiplus

GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipGetImageEncodersSize
GdipFree
GdipAlloc
GdipCloneImage

Sections

.text
Size: 914KB - Virtual size: 913KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eea29ddf2cad0fcb29dacb28b4e9bf39

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

user32

advapi32

ole32

shell32

shlwapi

gdiplus

Sections

.text Size: 914KB - Virtual size: 913KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 111KB - Virtual size: 142KB

.text
Size: 914KB - Virtual size: 913KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 111KB - Virtual size: 142KB