08fdd936350d8b73c2f0746cb9b07ed770620479e7d9d590d243b101b0936568

Sharing

Copy URL Twitter E-mail

General

Target

08fdd936350d8b73c2f0746cb9b07ed770620479e7d9d590d243b101b0936568
Size

416KB
MD5

2d42da2491cee6011954e9005b620fb5
SHA1

882a13256a65f3e67a71ee5427f61d463b6179f0
SHA256

08fdd936350d8b73c2f0746cb9b07ed770620479e7d9d590d243b101b0936568
SHA512

b263991ccf5acabec21e652704b680459e067ae9d63d18df1c55f01a7e6a98f32198644cf20ac844ab19b0f90386968927ad3f5007d1775be6012d061dbdc283
SSDEEP

6144:AqlCYXgga42u7nVKsMbe57ReNV9sJH+TuJLa0HpFpJDUzR9tGO0klnK:oYXgga42gVKslaVKJyKLagcE8K

Score

N/A

Malware Config

Signatures

Files

08fdd936350d8b73c2f0746cb9b07ed770620479e7d9d590d243b101b0936568
.exe windows x86

d92d70f9d6ab16de33e68fa51e4217f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

LoadLibraryW
GetTimeZoneInformation
HeapSize
GetStringTypeW
MultiByteToWideChar
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
ExitProcess
LeaveCriticalSection
EnterCriticalSection
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
DecodePointer
TlsSetValue
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleW
SetStdHandle
CompareStringW
SetEnvironmentVariableA
GetLastError
GetStdHandle
GetConsoleScreenBufferInfo
CreateFileA
WriteFile
SetFilePointerEx
ReadFile
Sleep
lstrcmpA
GetCurrentProcess
GetCurrentDirectoryW
GetLogicalDrives
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsProcessorFeaturePresent
CreateFileW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
FindFirstFileExA
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetModuleFileNameA
GetConsoleTitleA
SetConsoleTitleA
FindClose
WideCharToMultiByte
HeapFree
RtlUnwind
GetProcAddress
HeapAlloc
CreateEventA
RaiseException
WaitForSingleObject
ResetEvent
lstrcpyA
TerminateProcess
LoadLibraryA

user32

GetFocus
DrawMenuBar
UpdateWindow
EnableWindow
CreateMenu
AppendMenuA
CharNextA
RegisterClassA
GetMenu
EnumWindowStationsW
SetMenu
MessageBoxA
LoadCursorA
LoadIconA
CreateWindowExA
RegisterClassExA
SetWindowPos
wsprintfA
CreatePopupMenu
SetWindowLongA
GetWindowLongA
EnableMenuItem
GetSystemMenu
SetClassLongA
GetClassLongA
ShowWindow
DestroyMenu
TrackPopupMenu
GetSubMenu
LoadImageA
InvalidateRect
BeginPaint
SetRect
SendMessageA
GetClientRect
EndPaint
DefWindowProcA
CallNextHookEx
GetKeyState
GetForegroundWindow
FindWindowA
GetWindowTextA
FindWindowExA
SetActiveWindow
PostQuitMessage
SystemParametersInfoA
GetSysColor
GetWindowRect
ScreenToClient
FillRect
LoadMenuA

gdi32

MoveToEx
LineTo
SetDCPenColor
StartPage
CreateCompatibleBitmap
Rectangle
EndPage
EndDoc
DeleteDC
GetObjectA
CreateCompatibleDC
SelectObject
BitBlt
GetStockObject
CreateFontIndirectA
CreatePen
Polyline
DeleteObject
ExcludeClipRect
SelectClipRgn

advapi32

AdjustTokenPrivileges
OpenProcessToken
LsaOpenPolicy
CryptDuplicateHash
LookupPrivilegeValueA

ole32

ReadClassStg
CoUninitialize
StgCreateDocfile
WriteClassStg
StgOpenStorage
CreateBindCtx
CoInitialize
CoCreateGuid
StringFromGUID2

odbc32

ord36

ws2_32

gethostname
gethostbyname
ntohl
WSACleanup
WSAStartup

avifil32

AVIFileInfoA
AVIFileRelease
AVIFileInit
AVIFileOpenA

shlwapi

StrChrA
PathFindFileNameA
PathFindExtensionA

comctl32

ord17
ord6

gdiplus

GdipCreateFromHDC
GdipDrawLineI
GdipDeletePen
GdipCreatePen1
GdiplusStartup
GdiplusShutdown
GdipDrawEllipseI
GdipDeleteGraphics
GdipDrawRectangleI
GdipFree
GdipAlloc

imm32

ImmGetDefaultIMEWnd
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
ImmSetOpenStatus

oledlg

ord3

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 199KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sole
Size: 1024B - Virtual size: 755B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nodata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d92d70f9d6ab16de33e68fa51e4217f6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

odbc32

ws2_32

avifil32

shlwapi

comctl32

gdiplus

imm32

oledlg

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 199KB - Virtual size: 206KB

.sole Size: 1024B - Virtual size: 755B

.nodata Size: 1KB - Virtual size: 1KB

.rsrc Size: 94KB - Virtual size: 93KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 199KB - Virtual size: 206KB

.sole
Size: 1024B - Virtual size: 755B

.nodata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 94KB - Virtual size: 93KB

.reloc
Size: 8KB - Virtual size: 7KB