860cef4b0e598fffea969c8f4ab95524f460bc3fc9274b876eac98ece63d225c

Sharing

Copy URL

Twitter E-mail

General

Target

860cef4b0e598fffea969c8f4ab95524f460bc3fc9274b876eac98ece63d225c
Size

453KB
MD5

08afdaf76f26bd6e2659c61d2bdb0250
SHA1

3b50c36a5ba0807e43ab81014a2f29c7c143e9b7
SHA256

860cef4b0e598fffea969c8f4ab95524f460bc3fc9274b876eac98ece63d225c
SHA512

2ee05cd229237c2dccf4901085f5ac1990859fcd9c4b344aaed59d9f8e51c77ad2caf3da6dbf2284532d237666dbebf3bec1d464c24b4e1a03b04367d46cfedf
SSDEEP

12288:BH9vncuLItVrd6MvG14GxaszwmauFOVkH0ViGJZ:BHOuLKVh6MvGuKUVD

Score

N/A

Malware Config

Signatures

Files

860cef4b0e598fffea969c8f4ab95524f460bc3fc9274b876eac98ece63d225c
.exe windows x86

2d33b2f91be9ed37a37193ce04b86fc5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
HeapFree
GetProcAddress
GetProcessHeap
MapViewOfFile
UnmapViewOfFile
CreateFileW
GetLastError
CreateFileMappingW
OpenFileMappingW
CloseHandle
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetModuleHandleW
GetModuleFileNameW
GetTempPathW
GetCurrentProcessId
InterlockedIncrement
InterlockedCompareExchange
CreateProcessW
MoveFileExW
CreateDirectoryW
WaitForSingleObject
GlobalAlloc
CopyFileW
FileTimeToSystemTime
GlobalFree
GetCurrentThreadId
DeleteFileW
SetFileAttributesW
SetFilePointer
WriteFile
FormatMessageW
ExitThread
SetLastError
CreateEventW
WaitForMultipleObjects
DuplicateHandle
LocalFree
CreateThread
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GlobalLock
GlobalUnlock
WideCharToMultiByte
MultiByteToWideChar
FindFirstFileW
FindClose
LocalAlloc
FindNextFileW
CreateMutexW
OpenMutexW
ReleaseMutex
GetSystemDirectoryW
RemoveDirectoryW
GetFileSize
Sleep
ReadFile
FlushFileBuffers
HeapAlloc
HeapReAlloc
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
HeapSize
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
LCMapStringW
GetModuleHandleA
LoadLibraryA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
LoadLibraryW

user32

CreateDialogParamW
SetWindowLongW
GetWindowLongW
DialogBoxParamW
DestroyWindow
CloseClipboard
EmptyClipboard
OpenClipboard
SetClipboardData
EndPaint
GetWindowTextLengthW
SetTimer
ScreenToClient
GetWindowRect
FillRect
DrawTextW
BeginPaint
LoadIconW
InvalidateRect
GetWindowTextW
GetDlgItem
EndDialog
MessageBoxW
SendMessageW
SetWindowTextW
IsIconic
SetForegroundWindow
FindWindowW
ShowWindow
GetSystemMetrics

gdi32

CreatePen
CreateFontW
Rectangle
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteObject
SetBkMode
CreateDIBSection
SetTextColor
LineTo
BitBlt
MoveToEx
PolyBezier
RoundRect
CreateSolidBrush

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

imm32

ImmDisableIME

msimg32

AlphaBlend

comctl32

InitCommonControlsEx

advapi32

OpenProcessToken
SetSecurityDescriptorDacl
GetTokenInformation
LookupAccountSidW
AddAccessAllowedAceEx
InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW

shell32

SHFileOperationW
SHGetSpecialFolderPathW

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2d33b2f91be9ed37a37193ce04b86fc5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

version

imm32

msimg32

comctl32

advapi32

shell32

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 13KB - Virtual size: 25KB

.rsrc Size: 148KB - Virtual size: 152KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 13KB - Virtual size: 25KB

.rsrc
Size: 148KB - Virtual size: 152KB