84a6e6005bf29338ce5870e16c8f1f30faa262486b9dfb222edfc85939fc3306

Sharing

Copy URL Twitter E-mail

General

Target

84a6e6005bf29338ce5870e16c8f1f30faa262486b9dfb222edfc85939fc3306
Size

206KB
MD5

0f149db74f11295e7ef5aa8874d32435
SHA1

b3f18bbb091959ba9943a2f81ce595a24905e1b4
SHA256

84a6e6005bf29338ce5870e16c8f1f30faa262486b9dfb222edfc85939fc3306
SHA512

6b6feb48e0d6c34019b1ad88931a4fef8efd6a30efc603b082bf52421b07b1ed9d482c0aa22325fe813f63f9bae04b4b0348cd007f415a0299545d0525445ea3
SSDEEP

6144:n+0JKz/akvPJ/93l0Wwla9r8Rfm7OMAfVWT7py:+0JuCkvPX18RfAFy

Score

N/A

Malware Config

Signatures

Files

84a6e6005bf29338ce5870e16c8f1f30faa262486b9dfb222edfc85939fc3306
.exe windows x86

33a198265415f61459d3d915a8fb171f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PeekMessageW
ShowWindow
GetDlgItemInt
DestroyWindow
DefWindowProcW
LoadCursorW
SetCursor
IsWindowVisible
GetDlgItem
SendMessageW
SetDlgItemInt
MoveWindow
GetClientRect
GetDesktopWindow
CheckRadioButton
ClientToScreen
GetAsyncKeyState
CreateDialogParamW
TranslateMessage
LoadStringW
ReleaseDC
GetWindowRect
IsWindow
CheckDlgButton
EnableWindow
GetDC
InvalidateRect
IsRectEmpty
DispatchMessageW
SetWindowLongW
GetWindowLongW
SetDlgItemTextW

kernel32

lstrcpynW
MultiByteToWideChar
CreateEventW
CreateFileW
SetThreadPriority
CreateThread
GlobalFree
SetUnhandledExceptionFilter
InterlockedExchange
GetModuleFileNameA
EnterCriticalSection
VirtualFree
GlobalMemoryStatus
DeleteFileW
WideCharToMultiByte
GetQueuedCompletionStatus
GetACP
SetEndOfFile
GetTickCount
GetSystemDefaultLangID
GetFileAttributesW
GetDiskFreeSpaceW
GetProcAddress
GetFileSize
GetFullPathNameW
GetCurrentProcessId
HeapAlloc
InitializeCriticalSection
IsBadReadPtr
WaitForMultipleObjects
GetSystemTimeAsFileTime
HeapFree
GlobalAlloc
MulDiv
GetProfileIntA
CreateSemaphoreW
WaitForSingleObject
DeleteCriticalSection
GetVersionExW
FreeLibrary
lstrlenA
LoadLibraryW
LeaveCriticalSection
lstrcmpW
ReadFile
lstrcpyA
IsBadCodePtr
GlobalHandle
GlobalUnlock
SetEvent
GetTimeZoneInformation
GetPrivateProfileStringW
ReleaseSemaphore
GlobalLock
lstrcpyW
InterlockedIncrement
GetSystemInfo
CloseHandle
ResetEvent
lstrcmpiW
GetCurrentThread
QueryPerformanceCounter
lstrlenW
InterlockedDecrement
IsBadWritePtr
GetLastError
WriteFile
GetThreadPriority
GetCurrentProcess
SetFilePointer
GetProcessHeap

ncobjapi

WmiCommitObject
WmiCreateObject
WmiEventSourceDisconnect
WmiIsObjectActive
WmiCreateObjectWithFormat
WmiAddObjectProp
WmiEventSourceConnect
WmiCreateObjectWithProps
WmiSetAndCommitObject
WmiDestroyObject

nddeapi

NDdeGetShareSecurityA
NDdeIsValidAppTopicListW
NDdeGetTrustedShareW
NDdeIsValidAppTopicListA
NDdeGetTrustedShareA
NDdeGetErrorStringA
NDdeGetShareSecurityW

ifsutil

?AddNext@NUMBER_SET@@QAEEVBIG_INT@@@Z
?AddVolumeName@MOUNT_POINT_MAP@@QAEEPAVWSTRING@@0@Z
?CheckAndRemove@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?AddStart@NUMBER_SET@@QAEEVBIG_INT@@@Z
?CheckAndAdd@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?AddEdge@DIGRAPH@@QAEEKK@Z
?CheckAndAdd@SPARSE_SET@@QAEEVBIG_INT@@PAE@Z
?AddEntry@AUTOREG@@SGEPBVWSTRING@@@Z

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33a198265415f61459d3d915a8fb171f

Headers

File Characteristics

Imports

user32

kernel32

ncobjapi

nddeapi

ifsutil

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 62KB - Virtual size: 2.1MB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 62KB - Virtual size: 2.1MB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB