f1f0eaa85dfcfe916e20d45a23d5d055793c8b307d1b4c7121f6a025ced88007

Sharing

Copy URL Twitter E-mail

General

Target

f1f0eaa85dfcfe916e20d45a23d5d055793c8b307d1b4c7121f6a025ced88007
Size

212KB
MD5

0cfa03f46cce63956cf6f4fdaab377c0
SHA1

9d868148f14f5766168f02552d09ac2fdc5931fe
SHA256

f1f0eaa85dfcfe916e20d45a23d5d055793c8b307d1b4c7121f6a025ced88007
SHA512

bd774ebac94bef4dea95209f7c02b72ab39cd6ddd6e79820c070963611afe6af2c7e94766d8846e8a3e0c0b6a87a7ba1c330880d2d94112c2b61f0377728a0e6
SSDEEP

6144:R16qq0qDTSJaYAj0HGF0WeQv34Kr4+j/ODd:RIqW4O0HGFQQv34S4+S

Score

N/A

Malware Config

Signatures

Files

f1f0eaa85dfcfe916e20d45a23d5d055793c8b307d1b4c7121f6a025ced88007
.exe windows x86

817340a11782515746e1eb2db7538cb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeImpersonateClient
MsgWaitForMultipleObjectsEx
ScrollWindow
SetWindowLongA
IsWindowEnabled
LoadImageW
GetMessageW
ImpersonateDdeClientWindow
RemovePropW
LoadAcceleratorsA
TranslateMessage
BroadcastSystemMessageW
TranslateAcceleratorA
ReleaseDC
GetMenuStringW
DrawIconEx
ShowWindow
wvsprintfA
DefMDIChildProcW
GetWindowTextA
GetClassInfoExW
SetActiveWindow
GetShellWindow
RegisterClassA
mouse_event
CopyRect
MessageBoxExA
UnregisterHotKey
CallWindowProcA
InsertMenuW
SetScrollPos
PeekMessageW
GetWindowLongA
GetKeyboardLayout
OpenWindowStationA
SetDlgItemInt
LoadAcceleratorsW
WaitForInputIdle
MessageBeep
DrawTextW
SetWindowTextA
GetDlgItemTextW
MapWindowPoints
SetScrollInfo
DefFrameProcW

gdi32

GetNearestColor
BitBlt
SetTextColor
DeleteObject
CreateSolidBrush
CreatePalette

ntdll

_aulldiv
_allshl
_allmul

Exports

Exports

?PaleOwedcacalipaNegswan@@YGEPCU_SECURITY_ATTRIBUTES@@UDorrCeltBock@@ACEUShundeadpathThio@@PCUGhatCotevanmm@@PC_J@Z

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Khetby
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Yogh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dugen
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.moswo
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Rhospa
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Everid
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yumna
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pupba
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Cohooy
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bosen
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

817340a11782515746e1eb2db7538cb3

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

ntdll

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 76KB

.Khetby Size: 7KB - Virtual size: 7KB

.Yogh Size: 4KB - Virtual size: 4KB

.dugen Size: 14KB - Virtual size: 14KB

.moswo Size: 9KB - Virtual size: 8KB

.Rhospa Size: 9KB - Virtual size: 8KB

.Everid Size: 9KB - Virtual size: 8KB

.data Size: 14KB - Virtual size: 14KB

.yumna Size: 9KB - Virtual size: 8KB

.pupba Size: 10KB - Virtual size: 9KB

.Cohooy Size: 6KB - Virtual size: 5KB

.edata Size: 13KB - Virtual size: 13KB

.bosen Size: 16KB - Virtual size: 15KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 76KB - Virtual size: 76KB

.Khetby
Size: 7KB - Virtual size: 7KB

.Yogh
Size: 4KB - Virtual size: 4KB

.dugen
Size: 14KB - Virtual size: 14KB

.moswo
Size: 9KB - Virtual size: 8KB

.Rhospa
Size: 9KB - Virtual size: 8KB

.Everid
Size: 9KB - Virtual size: 8KB

.data
Size: 14KB - Virtual size: 14KB

.yumna
Size: 9KB - Virtual size: 8KB

.pupba
Size: 10KB - Virtual size: 9KB

.Cohooy
Size: 6KB - Virtual size: 5KB

.edata
Size: 13KB - Virtual size: 13KB

.bosen
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 12KB - Virtual size: 12KB