b1a5e5407b9b65befa013ac211995dcf8cffb438b1f7900d0de3f0e7d0a045d9

Sharing

Copy URL Twitter E-mail

General

Target

b1a5e5407b9b65befa013ac211995dcf8cffb438b1f7900d0de3f0e7d0a045d9
Size

174KB
MD5

200be3f4e56c88c1c7c71d5686bed360
SHA1

f2bd34861dc4bfdfc83634a140e7c49fcd5a0af4
SHA256

b1a5e5407b9b65befa013ac211995dcf8cffb438b1f7900d0de3f0e7d0a045d9
SHA512

279cdb59c409bf32cd650a1660edcb0efbca258482514b48e128ca873e95aed8abdb5bc6d95305335ceefa9b2e4ba028a2056cf0506028f85bd87373144344ab
SSDEEP

3072:g9WJSMTsgZMffTuJTqTyKMCUghb9GEIDfLZhihceHY9uubhxbtI/XdmMDfh3H8Wu:eWKMTmy5CUghbwEIDfLgY4ubB0BTW

Score

N/A

Malware Config

Signatures

Files

b1a5e5407b9b65befa013ac211995dcf8cffb438b1f7900d0de3f0e7d0a045d9
.exe windows x86

2e5af3cb05d5c700e12682f1f67a1018

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsDialogMessageA
CharLowerW
SetScrollRange
BeginPaint
FindWindowW
DdeGetData
DdeKeepStringHandle
GetClipboardFormatNameA
DefFrameProcA
DdeAbandonTransaction
DdeAccessData
RegisterWindowMessageW
GetUserObjectInformationA
EndPaint
CharLowerBuffA
CharLowerA
DrawFrameControl
SetMenuItemInfoA
SetWindowsHookExA
InflateRect
CreateCursor
ClientToScreen
DdeDisconnect
SetWindowPos
SetForegroundWindow
SendDlgItemMessageA
CharUpperBuffW
DdeInitializeW
DefFrameProcW
SetDlgItemTextA
EndDeferWindowPos
CharToOemBuffW
ShowScrollBar
EnableScrollBar
GetWindowLongA
IsDialogMessageW
EnumDesktopsW
LoadBitmapA
GetClassInfoExA
DdeCreateStringHandleW
SetTimer
ArrangeIconicWindows
GetNextDlgTabItem
MessageBoxA
CharUpperBuffA
SendMessageTimeoutA
DdeQueryStringW
SetDlgItemTextW

gdi32

MoveToEx
CreateFontIndirectW
CreateFontIndirectA
GetDIBits
SetBrushOrgEx

ntdll

_allmul
_allshl
_aulldiv

Exports

Exports

?ButsOrgyAxalGainam@@YGGPCDPCUJinxLinngormla@@PCUtagPOINT@@PCUtagWNDCLASSW@@IAC_K@Z

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.saysi
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Khetby
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Yogh
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dugen
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.moswo
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Rhospa
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Everid
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yumna
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pupba
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Cohooy
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bosen
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e5af3cb05d5c700e12682f1f67a1018

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

ntdll

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 69KB

.saysi Size: 7KB - Virtual size: 7KB

.Khetby Size: 6KB - Virtual size: 6KB

.Yogh Size: 5KB - Virtual size: 5KB

.dugen Size: 5KB - Virtual size: 5KB

.moswo Size: 7KB - Virtual size: 7KB

.Rhospa Size: 6KB - Virtual size: 6KB

.Everid Size: 7KB - Virtual size: 7KB

.data Size: 9KB - Virtual size: 9KB

.yumna Size: 8KB - Virtual size: 8KB

.pupba Size: 8KB - Virtual size: 8KB

.Cohooy Size: 1KB - Virtual size: 1KB

.edata Size: 5KB - Virtual size: 5KB

.bosen Size: 9KB - Virtual size: 9KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 70KB - Virtual size: 69KB

.saysi
Size: 7KB - Virtual size: 7KB

.Khetby
Size: 6KB - Virtual size: 6KB

.Yogh
Size: 5KB - Virtual size: 5KB

.dugen
Size: 5KB - Virtual size: 5KB

.moswo
Size: 7KB - Virtual size: 7KB

.Rhospa
Size: 6KB - Virtual size: 6KB

.Everid
Size: 7KB - Virtual size: 7KB

.data
Size: 9KB - Virtual size: 9KB

.yumna
Size: 8KB - Virtual size: 8KB

.pupba
Size: 8KB - Virtual size: 8KB

.Cohooy
Size: 1KB - Virtual size: 1KB

.edata
Size: 5KB - Virtual size: 5KB

.bosen
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 13KB - Virtual size: 12KB