27467411937a65fdc242f9fdbfa0f842807300ad53ea516f6c67a5e3550bbc73

Sharing

Copy URL

Twitter E-mail

General

Target

27467411937a65fdc242f9fdbfa0f842807300ad53ea516f6c67a5e3550bbc73
Size

204KB
MD5

056f40fa7a643d58f96aea4d42d1c5e0
SHA1

79bf6f2371ca08e81723c452a638d2faff21e7c5
SHA256

27467411937a65fdc242f9fdbfa0f842807300ad53ea516f6c67a5e3550bbc73
SHA512

f74513f9e4b7a4b311b13884a103240aa09fac661574db89b0a6342d0419f589e900f2df5c5e8bd090fffb86c99042e18c55f0d83cae94f1a1664a95e438db75
SSDEEP

3072:BkSVvEL76k3hV7U15IMpGajsVKHb2oUbAUX33:uHL7Th1UQMpGYsVKyJH3

Score

N/A

Malware Config

Signatures

Files

27467411937a65fdc242f9fdbfa0f842807300ad53ea516f6c67a5e3550bbc73
.exe windows x86

f7f8b793df08107bb07d567006b14847

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
MultiByteToWideChar
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
CreateProcessA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
OpenProcess
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
InterlockedDecrement
GetPrivateProfileStringA
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
GetModuleHandleA
GetProcAddress
CloseHandle
GetLastError
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
HeapSize
GetCurrentProcess
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

user32

GetWindow
ClientToScreen
OffsetRect
FindWindowExA
SendMessageA
LoadStringA
LoadAcceleratorsA
GetMessageA
GetWindowThreadProcessId
EndPaint
GetSystemMetrics
GetKeyState
PtInRect
ReleaseDC
UpdateLayeredWindow
GetDC
IsWindow
DefWindowProcA
PostQuitMessage
GetWindowRect
GetCursorPos
KillTimer
FindWindowA
BeginPaint
UpdateWindow
ShowWindow
SetTimer
MoveWindow
SetWindowLongA
GetWindowLongA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA

gdi32

DeleteDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

SHGetSpecialFolderPathA

gdiplus

GdiplusStartup
GdipAlloc
GdipFree
GdipCreateBitmapFromFile
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectRect

comctl32

_TrackMouseEvent

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f7f8b793df08107bb07d567006b14847

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

gdiplus

comctl32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 74KB - Virtual size: 76KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 74KB - Virtual size: 76KB