b965e81cebf3dd991dac6bd2bf3203d8afc7a9f573e37037ea07cda0692566c0

Sharing

Copy URL Twitter E-mail

General

Target

b965e81cebf3dd991dac6bd2bf3203d8afc7a9f573e37037ea07cda0692566c0
Size

598KB
MD5

044abdc897a78f669663eacb36821600
SHA1

4e1c1d9e43a676f57a74dce54d501ee199771d59
SHA256

b965e81cebf3dd991dac6bd2bf3203d8afc7a9f573e37037ea07cda0692566c0
SHA512

265f0f2fb922f92221b3e6ef0b0a5d7d3028b2d7e92ba4e9a475a028f0df22c4832784edc80105843daca7a870c9e3071f1ca2dab1f4849dc0aeff3f61e8a150
SSDEEP

12288:5HqRnADm3l0oGxvB+0hTVc/59rDqZ/UNXO:dqBB3SNe0BVc/5pqZeXO

Score

N/A

Malware Config

Signatures

Files

b965e81cebf3dd991dac6bd2bf3203d8afc7a9f573e37037ea07cda0692566c0
.exe windows x86

9f8d75bc4bb8e3b6026b7f1c61685b55

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
SetLastError
CreateEventW
CreateDirectoryW
GetTickCount
SetEvent
Sleep
WaitForMultipleObjects
GetPrivateProfileIntW
ResetEvent
WideCharToMultiByte
OutputDebugStringW
CreateFileW
DeviceIoControl
GetVersion
Process32NextW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
Process32FirstW
HeapSize
FlushInstructionCache
GetModuleFileNameA
GetStdHandle
RtlUnwind
HeapReAlloc
GetStartupInfoW
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
TlsFree
DeleteAtom
FindAtomW
TlsAlloc
ReleaseMutex
AddAtomW
OpenThread
GetAtomNameW
TlsSetValue
TlsGetValue
GetSystemTime
FormatMessageW
GetFileSizeEx
ReadFile
WriteFile
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
CreateFileA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
CreateToolhelp32Snapshot
GetSystemInfo
QueryDosDeviceW
GetLongPathNameW
InitializeCriticalSectionAndSpinCount
GetLogicalDriveStringsW
GetModuleHandleA
GetCurrentProcessId
GetVersionExW
CreateProcessW
OpenProcess
CloseHandle
GetCurrentProcess
lstrlenA
GetTempPathW
GetTempFileNameW
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
InterlockedDecrement
LocalFree
GetCommandLineW
CreateMutexW
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
GetLastError
RaiseException
lstrcmpiW
GetModuleHandleW
lstrlenW
GetProcAddress
FreeLibrary
LoadLibraryW
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
HeapCreate

user32

OffsetRect
DefWindowProcW
GetActiveWindow
EnableWindow
CharUpperW
UnregisterClassA
MessageBoxW
CharNextW
LoadStringW
GetSystemMetrics
IsWindow
PostMessageW
ShowWindow
CharLowerW
MonitorFromPoint
DispatchMessageW
TranslateMessage
GetMessageW
GetSubMenu
TrackPopupMenu
DeleteMenu
LoadMenuW
DialogBoxParamW
LoadCursorW
GetClassInfoExW
RegisterClassExW
IsZoomed
PostQuitMessage
DestroyMenu
RedrawWindow
SetWindowTextW
ScreenToClient
MonitorFromWindow
GetMonitorInfoW
PeekMessageW
DestroyIcon
EndDialog
CreateDialogParamW
IsRectEmpty
GetDlgItem
MoveWindow
SetFocus
SetWindowRgn
LoadImageW
AdjustWindowRectEx
GetMenu
DrawEdge
DrawFocusRect
GetWindowTextLengthW
GetWindowTextW
SystemParametersInfoW
SetTimer
KillTimer
BeginPaint
EndPaint
GetClientRect
IntersectRect
InflateRect
DrawTextW
SetWindowPos
CreateWindowExW
SetCapture
GetDlgCtrlID
ReleaseCapture
GetCapture
ClientToScreen
PtInRect
UpdateWindow
InvalidateRect
CallWindowProcW
SetWindowLongW
GetParent
SendMessageW
EnumWindows
IsWindowVisible
GetWindowLongW
SendMessageTimeoutW
SwitchToThisWindow
SetForegroundWindow
IsWindowEnabled
GetWindow
GetWindowRect
FindWindowW
GetWindowThreadProcessId
ExitWindowsEx
LoadBitmapW
DestroyWindow
MapWindowPoints

gdi32

ExtTextOutW
GetStockObject
RestoreDC
StretchBlt
SaveDC
BitBlt
DeleteDC
CreateCompatibleDC
GetClipBox
SelectObject
SetViewportOrgEx
CreateFontW
CreateFontIndirectW
GetObjectW
DeleteObject
CreateRoundRectRgn
CreateRectRgn
CombineRgn
CreateCompatibleBitmap
SetBkColor
SetTextColor
SetBkMode

advapi32

RegQueryValueExW
RegDeleteKeyW
RegCloseKey
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueExA

shell32

ShellExecuteExW
ShellExecuteW
ord680
CommandLineToArgvW

ole32

CoCreateInstance
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitialize

oleaut32

VariantChangeType
SysAllocStringByteLen
SysStringByteLen
SysAllocString
SysAllocStringLen
VarUI4FromStr
VariantClear
SysStringLen
VariantInit
SysFreeString

shlwapi

StrCmpNIW
PathRemoveFileSpecW
PathAppendW
PathIsRelativeW
StrStrIW
StrChrW
SHGetValueW
PathFileExistsW
PathCombineW

comctl32

ImageList_Destroy
_TrackMouseEvent
ImageList_GetIconSize
ImageList_Draw
ImageList_LoadImageW

msimg32

TransparentBlt

imm32

ImmDisableIME

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

psapi

GetModuleFileNameExW

Sections

.text
Size: 241KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 34KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f8d75bc4bb8e3b6026b7f1c61685b55

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

imm32

version

psapi

Sections

.text Size: 241KB - Virtual size: 240KB

.rdata Size: 50KB - Virtual size: 49KB

.data Size: 34KB - Virtual size: 45KB

.rsrc Size: 180KB - Virtual size: 180KB

.reloc Size: 84KB - Virtual size: 88KB

.text
Size: 241KB - Virtual size: 240KB

.rdata
Size: 50KB - Virtual size: 49KB

.data
Size: 34KB - Virtual size: 45KB

.rsrc
Size: 180KB - Virtual size: 180KB

.reloc
Size: 84KB - Virtual size: 88KB