01881e1e43e3fd6a1cfb9deb983e020857cb27e536b05c965765d78d7aec6c49

Sharing

Copy URL Twitter E-mail

General

Target

01881e1e43e3fd6a1cfb9deb983e020857cb27e536b05c965765d78d7aec6c49
Size

253KB
MD5

212ea16df15410eda24830e3ea40a161
SHA1

bc47769e31ee2c5666f705bd2bada8036b5dca53
SHA256

01881e1e43e3fd6a1cfb9deb983e020857cb27e536b05c965765d78d7aec6c49
SHA512

bf2751f52f8090103a18b7e990ef0ac0d8cdb33c95fcc7159dc4e91023615e1ef9ab1856ffc410bdb04f7283b06340ad50a4874c3ad339e1194228a37121ab94
SSDEEP

6144:AIlWH17lhvj6qIwXgpOp7ZDf1wIZSJga90d4rtumIy:AIUV7Lj6LwXgpOZTwIEai+4tue

Score

N/A

Malware Config

Signatures

Files

01881e1e43e3fd6a1cfb9deb983e020857cb27e536b05c965765d78d7aec6c49
.exe windows x86

bc1afadd53bc0f81dbb7b4ce8c7a9034

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetOEMCP
GetACP
GetStringTypeW
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
HeapReAlloc
RtlUnwind
LoadLibraryW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleW
SetStdHandle
CloseHandle
GetModuleHandleA
GetProfileStringA
LoadLibraryA
HeapSize
GetProcAddress
GetLastError
MultiByteToWideChar
MulDiv
HeapCreate
GetConsoleWindow
WriteFile
GetProcessHeap
GetTickCount
HeapAlloc
SetFilePointer
GetStdHandle
SetHandleCount
ExitProcess
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
InterlockedExchange
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
InterlockedDecrement
GetCPInfo
RaiseException
InterlockedIncrement
HeapFree
Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
CreateFileW

user32

GetScrollPos
SetScrollInfo
EndPaint
DestroyWindow
GetMessageA
InsertMenuItemA
RegisterClassExA
PostQuitMessage
SetCapture
IsZoomed
LoadIconA
CharNextA
GetClientRect
BeginPaint
GetDC
TranslateMessage
GetForegroundWindow
DialogBoxParamA
GetMenu
MessageBoxA
LoadMenuW
CreateWindowExA
ReleaseDC
GetDlgItem
DefWindowProcA
EnumWindowStationsW
ShowWindow
CreatePopupMenu
GetMenuItemCount
DispatchMessageA
SystemParametersInfoA
CloseWindow
UpdateWindow
LoadCursorA

gdi32

MoveToEx
LineTo
CreateDIBSection
CreateFontIndirectW
StretchBlt
CreateFontIndirectA
GetCurrentObject
SetDCBrushColor
CreateDCA
DeleteObject
SelectObject
CreateCompatibleDC
Ellipse
FillRgn
SetDCPenColor
SetStretchBltMode
CreateRectRgn
Polyline
CreatePen
GetObjectA
GetStockObject
CreateSolidBrush
TextOutA
DeleteDC

comdlg32

PrintDlgA
FindTextA

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc1afadd53bc0f81dbb7b4ce8c7a9034

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

ole32

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 70KB - Virtual size: 69KB

.data Size: 18KB - Virtual size: 26KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 70KB - Virtual size: 69KB

.data
Size: 18KB - Virtual size: 26KB

.rsrc
Size: 8KB - Virtual size: 7KB