3fdcaf1e370473a401f427d5a646af5f64bbf490164841de8f2ea976e36d093d

Sharing

Copy URL Twitter E-mail

General

Target

3fdcaf1e370473a401f427d5a646af5f64bbf490164841de8f2ea976e36d093d
Size

219KB
MD5

0dabb0e008cf755567f27e9db7e36f6f
SHA1

2043b6b2c293517a048dddf29ac6abc7911e8fa2
SHA256

3fdcaf1e370473a401f427d5a646af5f64bbf490164841de8f2ea976e36d093d
SHA512

399e9b3e4325633dba9e183fd37c40b86de63c9682039f20c7d0f51b527cb2dff574873c28120d61eb71b2cadf806100ff3b52c466da479d68c6535a64d884c6
SSDEEP

6144:re2BM8r3QhTj4dSL7096p6Lcd+qDS2QIj75x:SQbQFjUSL70cdjDeIn5x

Score

N/A

Malware Config

Signatures

Files

3fdcaf1e370473a401f427d5a646af5f64bbf490164841de8f2ea976e36d093d
.exe windows x86

bcb6a2adc38def366f3b55b80f525c89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuItemRect
SetForegroundWindow
GetWindowLongA
GetFocus
WaitForInputIdle
RemoveMenu
FrameRect
EndDialog
AttachThreadInput
EnableMenuItem
SetParent
EnumChildWindows
UnregisterClassA
MessageBoxA
LoadCursorA
GetWindowThreadProcessId
GetMenuStringA
KillTimer
ReleaseDC
UpdateWindow
PostMessageA
SetRect
TranslateAcceleratorA
GetDlgItem
LoadMenuA
GetDC
wsprintfA
GetKeyboardState
GetSystemMetrics
ShowCursor
DestroyIcon
GetMenuItemCount
ScrollWindow
CharLowerA
BeginPaint
GetForegroundWindow
GetActiveWindow
AdjustWindowRect
GetCursorPos
GetKeyboardLayout
DefDlgProcA
CheckRadioButton
GetMenuDefaultItem
EnumWindows
IsZoomed
TrackPopupMenu
FindWindowA
WindowFromDC
GetMenuItemID
CreateIcon
ScreenToClient
EnumDesktopWindows
SetCursor
FillRect
CreateWindowExA
LoadStringA
EnumThreadWindows
CharUpperBuffA
IsChild
ModifyMenuA
ChildWindowFromPoint
SetCursorPos
GetClassLongA
GetWindowPlacement
IsWindowVisible
RegisterClassA
GetWindowRect
TranslateMessage
GetTopWindow
WindowFromPoint

kernel32

Sleep
ExitProcess
GetCurrentProcess
FindResourceA
LoadResource
SizeofResource
GlobalHandle
LocalAlloc
LocalFree
FindNextFileA
VirtualProtectEx
GetExitCodeProcess
LoadLibraryA
GetProcAddress
GetModuleHandleA
lstrcmpi
GlobalAlloc
GetExitCodeThread
GetFullPathNameA
BuildCommDCBA
DeleteAtom
WriteFile
GlobalReAlloc
CreateFileMappingA
GetDateFormatA
SetConsoleMode
ReadConsoleInputA
CloseHandle
CreateFileA
GetNamedPipeInfo
UnmapViewOfFile
GlobalLock
TlsSetValue
GetFileTime
OpenMutexA
GetModuleFileNameA
GetVersionExA
GetStdHandle
ReadFile
GetCurrentThread
GetCurrentThreadId
GetCommTimeouts
SetCommState
DosDateTimeToFileTime
ResumeThread
InterlockedDecrement
LockFile
GetConsoleTitleA
FileTimeToSystemTime
ResetEvent
GetEnvironmentVariableA
WriteConsoleOutputA
GetDiskFreeSpaceA
SetConsoleTextAttribute
LoadModule
SetThreadPriority

wsock32

gethostname
ntohl
WSAGetLastError
setsockopt
accept
bind
htons
recv
recvfrom
connect
ntohs
getsockname
WSACleanup
htonl
closesocket
sendto
socket
getpeername
WSAStartup
inet_ntoa
send
shutdown
listen
gethostbyname

advapi32

RegNotifyChangeKeyValue
RegSetValueExA
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA
RegSetValueA
RegCloseKey
RegEnumKeyExA
RegCreateKeyExA
RegConnectRegistryA

gdi32

BitBlt
GetObjectA
GetTextMetricsA
GetMapMode
SetDIBitsToDevice
GetRgnBox
PolyDraw
SetViewportExtEx
CreateRectRgn
DeleteDC
GetSystemPaletteEntries
ResizePalette
FrameRgn
StretchBlt
StretchDIBits
GetNearestColor
CreateDIBitmap
BeginPath
SetViewportOrgEx
GetWorldTransform
SetDIBits
Arc
FillPath
GetCharWidth32A
ArcTo
FillRgn
SetTextAlign
DeleteObject
RealizePalette
SetPixelFormat
GetKerningPairsA
GetWindowOrgEx
SetBkMode
Rectangle
SetWindowExtEx

Sections

CODE
Size: 8KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 196KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcb6a2adc38def366f3b55b80f525c89

Headers

File Characteristics

Imports

user32

kernel32

wsock32

advapi32

gdi32

Sections

CODE Size: 8KB - Virtual size:

DGROUP Size: 3KB - Virtual size:

.rdata Size: 1024B - Virtual size:

.idata Size: 4KB - Virtual size:

.reloc Size: 4KB - Virtual size:

.rsrc Size: 196KB - Virtual size:

CODE
Size: 8KB - Virtual size:

DGROUP
Size: 3KB - Virtual size:

.rdata
Size: 1024B - Virtual size:

.idata
Size: 4KB - Virtual size:

.reloc
Size: 4KB - Virtual size:

.rsrc
Size: 196KB - Virtual size: