ab004af81cece200f3421ebd06bcf75896216fa35439be91e2f04697cdc5ab5a

Sharing

Copy URL Twitter E-mail

General

Target

ab004af81cece200f3421ebd06bcf75896216fa35439be91e2f04697cdc5ab5a
Size

409KB
MD5

3b8484a00124416c39a755c3a532f29f
SHA1

1922143ca0bdd5a145671a6c75dedefb219cf94e
SHA256

ab004af81cece200f3421ebd06bcf75896216fa35439be91e2f04697cdc5ab5a
SHA512

ce9034b294d48b550c25338b073ec1550f343a14564443c66449344898edd3ed53326b4a32004445bc41c6b0a0da42363ad5448bc985b3ae3c564a440f55d785
SSDEEP

12288:uFr6E5VXruaazSj0dadFm070MZVkX2J5asdNAVuC:u35ViaaWQda/NwmVk05asvcuC

Score

N/A

Malware Config

Signatures

Files

ab004af81cece200f3421ebd06bcf75896216fa35439be91e2f04697cdc5ab5a
.exe windows x86

c1b0ebea1bab42e620186be23ae77a97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LoadLibraryW
GetFileType
SetHandleCount
GetStdHandle
SetLastError
TlsFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsBadReadPtr
HeapValidate
InitializeCriticalSectionAndSpinCount
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineA
MultiByteToWideChar
ExitProcess
GetModuleHandleW
GetProcAddress
DecodePointer
RtlUnwind
RaiseException
LeaveCriticalSection
SetStdHandle
CreateDirectoryA
CreateNamedPipeA
CloseHandle
ConnectNamedPipe
LocalAlloc
LocalFree
GetProcessHeap
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
GetModuleFileNameA
GetModuleFileNameW
lstrcpyW
GetPrivateProfileSectionW
GetPrivateProfileIntW
lstrcmpiA
SetProcessAffinityMask
lstrlenW
lstrcatW
FindFirstFileW
FindNextFileW
FindClose
GetLastError
WriteFile
SetFilePointer
HeapCreate
GetCurrentProcess
GetWindowsDirectoryA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileInformationByHandle
HeapAlloc
FormatMessageA
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
CreateEventA
FileTimeToLocalFileTime
FileTimeToSystemTime
EnumResourceLanguagesA
LoadResource
GetModuleHandleA
TlsGetValue
CreateFileW

user32

SetWindowTextA
LookupIconIdFromDirectory
SendMessageA
GetMenuItemID
GetMenuItemCount
AppendMenuA
CreatePopupMenu
LoadMenuA
ScreenToClient
SetCursorPos
ChildWindowFromPoint
FindWindowA
GetWindowLongA
GetDC
GetClientRect
GetScrollPos
GetScrollRange
SetScrollPos
ScrollWindow
UpdateWindow
GetDialogBaseUnits
GetDlgItem
SetFocus
BeginPaint
EndPaint
MoveWindow
ReleaseDC
DefWindowProcA
LoadStringA
LoadStringW
GetParent
SendNotifyMessageA
DestroyAcceleratorTable
GetDlgItemTextW
LoadBitmapA
GetSystemMetrics
InvalidateRect
SetCursor
wsprintfW
GetWindowRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
ShowWindow
DialogBoxParamA
LoadIconA
LoadCursorA
SystemParametersInfoA
DestroyWindow
FillRect
TrackPopupMenu
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
OpenClipboard
EndDialog
EmptyClipboard
CopyImage
SetClipboardData
CloseClipboard
EnableWindow
CreateDialogParamA
SetDlgItemTextA

gdi32

SetTextColor
Rectangle
GetTextExtentPoint32A
CreateDCA
GetDeviceCaps
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
GetDIBColorTable
DeleteObject
GetBitmapBits
CreateCompatibleBitmap
GetDIBits
CreateFontIndirectA
CreateSolidBrush
GetStockObject
PatBlt
StartDocA
StartPage
TextOutA
EndPage
EndDoc
SetAbortProc
GetTextMetricsA
EnumFontsA
DeleteDC

comdlg32

ReplaceTextA

advapi32

AllocateAndInitializeSid
SetEntriesInAclA
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
RegCloseKey
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
ExtractIconExA

ole32

CreateStreamOnHGlobal
CoTaskMemFree

oleaut32

OleLoadPicture
OleSavePictureFile

userenv

CreateEnvironmentBlock

avicap32

capGetDriverDescriptionA

shlwapi

PathFindFileNameA
StrChrA
PathFindExtensionA
PathFindExtensionW
AssocCreate
PathStripToRootA
ord12

comctl32

InitCommonControlsEx
CreateToolbarEx
ImageList_Create
ImageList_ReplaceIcon

wtsapi32

WTSEnumerateProcessesA
WTSFreeMemory

uxtheme

IsThemeActive
GetThemeDocumentationProperty
EnableTheming

dxva2

SetVCPFeature

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1b0ebea1bab42e620186be23ae77a97

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

userenv

avicap32

shlwapi

comctl32

wtsapi32

uxtheme

dxva2

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 240KB - Virtual size: 240KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 240KB - Virtual size: 240KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 31KB - Virtual size: 31KB