3c505b7c3a358d19a01e385a1d7bbd1b2571064738f651eba2ee62a3c0d7dec0

Sharing

Copy URL

Twitter E-mail

General

Target

3c505b7c3a358d19a01e385a1d7bbd1b2571064738f651eba2ee62a3c0d7dec0
Size

330KB
MD5

0a27982782f453cd643d5c6cdfbc8683
SHA1

baba1db6f16d87c4850e27f80c7453577a7a0cb7
SHA256

3c505b7c3a358d19a01e385a1d7bbd1b2571064738f651eba2ee62a3c0d7dec0
SHA512

6667e1a5789d7d1452d4a64157ba8d4203d7ab3020989996c5dd82163b1ac7ddbd7471b27e557fd3615f5342b881ab9ef6328715e7c31b3c4d03dc87d3f5ed7b
SSDEEP

6144:RnghgpWOTrV5P96xNN3KCGhm6YpiOIH0RIRZX6Hv5bqdK1P/3m:RngeF9WF4m6YMRnR9A1X

Score

N/A

Malware Config

Signatures

Files

3c505b7c3a358d19a01e385a1d7bbd1b2571064738f651eba2ee62a3c0d7dec0
.exe windows x64

ba6498d069813141251615fffc2a69d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

gdi32

CreateRectRgn
CombineRgn
InvertRgn
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SelectPalette
StretchDIBits
DeleteDC
CreateDIBitmap
GetObjectW
BitBlt
GetDIBits
GetStockObject
PolyPatBlt
GdiFlush
GetNearestColor
SetDCBrushColor
SetTextColor
SetBkColor
CreateFontIndirectW
PatBlt
GetTextExtentPoint32W
CreateDCW
EnumFontFamiliesExW
SetFontEnumeration
GetTextFaceW
GetDeviceCaps
SetBkMode
GetCurrentObject
GetRegionData
GetRgnBox
PolyTextOutW
SetSystemPaletteUse
RealizePalette
GetStringBitmapW
CreateSolidBrush
GetCharWidth32W
CreateBitmap
TranslateCharsetInfo
SetBitmapBits
StretchBlt
GetBitmapBits
GetTextMetricsW
SetDIBitsToDevice

user32

TrackPopupMenuEx
GetKeyboardLayout
EnumDisplaySettingsW
LoadIconW
LoadImageW
RegisterClassExW
SetProcessDPIAware
NotifyWinEvent
ReleaseCapture
SetCapture
GetKeyState
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
VkKeyScanW
MapVirtualKeyW
GetClipboardData
InvalidateRect
GetCursorPos
GetClientRect
MapWindowPoints
SetCursor
ScreenToClient
LoadStringW
PostMessageW
SendMessageW
GetSystemMetrics
SetWindowLongPtrW
SendDlgItemMessageW
CheckRadioButton
GetDlgItemTextW
IsDlgButtonChecked
SendNotifyMessageW
EndDialog
DialogBoxParamW
GetWindowPlacement
IsIconic
DefWindowProcW
ReleaseDC
KillTimer
GetWindowLongW
ScrollDC
SetScrollInfo
UnpackDDElParam
EndPaint
DrawIcon
BeginPaint
ReuseDDElParam
SendMessageTimeoutW
PtInRect
CreateIconFromResourceEx
SetTimer
ShowWindow
SetActiveWindow
GetSystemMenu
DestroyWindow
GetDC
CreateWindowExW
ClientToScreen
GetWindowRect
SetWindowPlacement
SetWindowLongW
LoadCursorW
GetMonitorInfoW
MonitorFromRect
GetCaretBlinkTime
PrivateExtractIconExW
EnterReaderModeHelper
TranslateMessageEx
ConsoleControl
AdjustWindowRectEx
SetWindowPos
SetWindowTextW
GetWindowTextW
EnableMenuItem
AppendMenuW
LoadMenuW
SetMenuItemInfoW
ToUnicodeEx
GetKeyboardState
UnhookWindowsHookEx
DispatchMessageW
GetMessageW
SetWindowsHookExW
RegisterWindowMessageW
GetWindowLongPtrW
GetKeyboardLayoutNameW
GetKeyboardLayoutNameA
ActivateKeyboardLayout
SystemParametersInfoW
DestroyIcon
CopyIcon
WindowFromPoint

msvcrt

free
memset
memcpy
memcmp
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_cexit
_ismbblead
_exit
_XcptFilter
__C_specific_handler
__getmainargs
_vsnwprintf
wcschr
wcsncmp
wcsrchr
atoi
_itoa
memmove
malloc
_local_unwind

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlIntegerToUnicodeString
RtlUnicodeToMultiByteSize
RtlInitializeCriticalSectionAndSpinCount
RtlConsoleMultiByteToUnicodeN
NtOpenKey
NtReplyWaitReceivePort
RtlExitUserProcess
ShipAssert
NtCreatePort
NtAcceptConnectPort
RtlOpenCurrentUser
NtEnumerateValueKey
NtQueryValueKey
RtlCreateTagHeap
RtlDosSearchPath_U
NtSetInformationProcess
RtlInitCodePageTable
RtlUnicodeToMultiByteN
RtlMultiByteToUnicodeN
RtlCustomCPToUnicodeN
RtlOemToUnicodeN
RtlUnicodeToOemN
RtlReAllocateHeap
RtlExitUserThread
RtlUnicodeStringToInteger
RtlInitUnicodeString
RtlGetCriticalSectionRecursionCount
NtDuplicateObject
NtSetEvent
NtClearEvent
NtCreateEvent
RtlDeleteCriticalSection
DbgPrintEx
RtlAllocateHeap
NtCreateSection
RtlFreeHeap
RtlInitializeCriticalSection
NtQueryInformationProcess
NtOpenProcess
NtVdmControl
NtReadVirtualMemory
RtlLeaveCriticalSection
RtlEnterCriticalSection
NtReplyPort
RtlCompareUnicodeString
RtlSizeHeap
NtReleaseMutant
NtWaitForSingleObject
NtCreateMutant
NtUnmapViewOfSection
NtClose
NtMapViewOfSection

api-ms-win-core-localregistry-l1-1-0

RegGetValueW

kernel32

GetPrivateProfileStringW
SetEnvironmentVariableW
GetEnvironmentVariableW
CreateActCtxW
GetModuleFileNameW
GetCurrentThreadId
GetLastError
CloseHandle
GetCurrentProcessId
IsValidCodePage
LockResource
LoadResource
FindResourceExW
lstrlenA
GlobalSize
GetStringTypeW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryExW
FreeLibrary
GetCurrentThread
GetSystemDirectoryA
CreateFileA
GetModuleHandleW
GetOEMCP
GetACP
CreateThread
Sleep
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
ReadFile
SetFilePointer
MultiByteToWideChar
CreateFileW
LocalAlloc
LocalFree
LocalReAlloc
GetVersionExW
VirtualProtect
VirtualAlloc
VirtualQuery
GetSystemInfo
GetCommandLineW
SetProcessShutdownParameters
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
WideCharToMultiByte
GetCPInfo
lstrlenW
ExpandEnvironmentStringsW
Beep

imm32

ImmGetCompositionStringW
ImmGetGuideLineW
ImmReleaseContext
ImmGetConversionStatus
ImmGetOpenStatus
ImmGetContext
ImmAssociateContextEx
ImmTranslateMessage
ImmAssociateContext
ImmNotifyIME
ImmGetCandidateListW
ImmGetProperty

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

SysFreeString
SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
SysReAllocString
VariantInit

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

FE_TEXT
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba6498d069813141251615fffc2a69d3

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

msvcrt

ntdll

api-ms-win-core-localregistry-l1-1-0

kernel32

imm32

ole32

oleaut32

Sections

.text Size: 220KB - Virtual size: 219KB

FE_TEXT Size: 25KB - Virtual size: 25KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 5KB - Virtual size: 5KB

.pdata Size: 18KB - Virtual size: 18KB

.rsrc Size: 34KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 436B

.text
Size: 220KB - Virtual size: 219KB

FE_TEXT
Size: 25KB - Virtual size: 25KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 5KB - Virtual size: 5KB

.pdata
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 34KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 436B