a5084e6c4c7310f5442c9d236f8652b391e1d92168470c3637f9cf286df9b5d4

Sharing

Copy URL Twitter E-mail

General

Target

a5084e6c4c7310f5442c9d236f8652b391e1d92168470c3637f9cf286df9b5d4
Size

534KB
MD5

0d15b754b598461fb34227ee8c27e3a0
SHA1

29632692951480652a6dccb0d701884a10d00077
SHA256

a5084e6c4c7310f5442c9d236f8652b391e1d92168470c3637f9cf286df9b5d4
SHA512

ea25e606fec172d5a136471b51fe5adfa07f40e3e2b8807aa7c3f83f4072cdb60a9edf5e7351d6d52052f384bb821085d4ed9acf40a79a074c0b25825e237e4f
SSDEEP

12288:NejkDjsHHUEoLmxJX0UMc8AWEolcrd+tZnXU9uhvKqFc6iT/SHJBw5XR0m/d921I:NWalcgIl4

Score

N/A

Malware Config

Signatures

Files

a5084e6c4c7310f5442c9d236f8652b391e1d92168470c3637f9cf286df9b5d4
.exe windows x86

885aeb60c3202e4dc3fd608c710bd8d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetForegroundWindow
SetFocus
SetCapture
SendInput
SetForegroundWindow
DefWindowProcW
EndPaint
BeginPaint
GetUpdateRect
RegisterClassW
ClientToScreen
GetWindowRect
GetDesktopWindow
GetDisplayConfigBufferSizes
QueryDisplayConfig
SetDisplayConfig
GetFocus
SetRectEmpty
GetClientRect
DrawTextExW
SetWindowLongW
SetLayeredWindowAttributes
GetDC
ReleaseDC
SetTimer
PtInRect
PostQuitMessage
NotifyWinEvent
ShowWindow
ReleaseCapture
SetWindowPos
InvalidateRect
UpdateWindow
GetCursorPos
LoadImageW
ScreenToClient
LoadCursorW
SetCursor
InflateRect
GetSysColorBrush
FillRect
GetSysColor
SetRect
SystemParametersInfoW
UnregisterDeviceNotification
KillTimer
FindWindowExW
CreateWindowExW
GetWindowLongW
LoadStringW
SendMessageW
GetMessageW
TranslateMessage
DispatchMessageW
SetWindowsHookExW
GetSystemMetrics
CallNextHookEx
GetAsyncKeyState
GetKeyState
PostMessageW
RegisterDeviceNotificationW
UnhookWindowsHookEx

kernel32

LoadLibraryExA
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedCompareExchange
FreeLibrary
GetProcAddress
DelayLoadFailureHook
InterlockedDecrement
InterlockedIncrement
CreateSemaphoreW
GetLastError
WaitForSingleObject
MulDiv
ReleaseSemaphore
CloseHandle
GetModuleHandleW
LoadLibraryA
GetUserDefaultUILanguage
SizeofResource
LockResource
LoadResource
FindResourceExW
Sleep
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
InterlockedExchange
GetLocaleInfoW

comctl32

ord345
ImageList_CoCreateInstance
ord344

shlwapi

ord219
SHGetValueW

ole32

CoInitialize
CoUninitialize

imm32

ImmDisableIME

ntdll

WinSqmEndSession
WinSqmStartSession
WinSqmAddToStream

powrprof

PowerDeterminePlatformRole
GetPwrCapabilities

slc

SLGetWindowsInformationDWORD

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
EventUnregister
EventWrite
EventRegister

msvcrt

_controlfp
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
qsort
_ftol2
_CIsin
_CIcos
memset
_vsnwprintf
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
strtok
_stricmp

gdi32

SetBkColor
DeleteObject
FillRgn
CreateFontIndirectW
SetTextColor
GetDeviceCaps
FrameRgn
CreateRectRgnIndirect
SelectObject
GetTextExtentPoint32W
CreateDIBSection
CreateRoundRectRgn
GetObjectW

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 473KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ypwtzgz
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

885aeb60c3202e4dc3fd608c710bd8d4

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

comctl32

shlwapi

ole32

imm32

ntdll

powrprof

slc

advapi32

msvcrt

gdi32

Sections

.text Size: 32KB - Virtual size: 32KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 473KB - Virtual size: 472KB

.reloc Size: 27KB - Virtual size: 27KB

ypwtzgz Size: - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 32KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 473KB - Virtual size: 472KB

.reloc
Size: 27KB - Virtual size: 27KB

ypwtzgz
Size: - Virtual size: 4KB