c97e9d308e3bd6c5f1d7b8c8751f0bc8efec9720f383c8d367b79f5abb72e9c2

Sharing

Copy URL Twitter E-mail

General

Target

c97e9d308e3bd6c5f1d7b8c8751f0bc8efec9720f383c8d367b79f5abb72e9c2
Size

883KB
MD5

0067c42a046e8b256ba7bd75859ae9d0
SHA1

2e87dd2befef0d6dee08cd8d7292af4aaab73970
SHA256

c97e9d308e3bd6c5f1d7b8c8751f0bc8efec9720f383c8d367b79f5abb72e9c2
SHA512

7a4af0281a1685715ca3e94ca8b86277ce63206e98fc22d4529dbea36d8fa1b70ab7be9eb1c2550dfcb29d60cf9a3e01cbd76ea83f7cc58cbeed0fd11cd70570
SSDEEP

6144:maVQAi0kZP2t2dAu/H3ryJjl6Bu840wtus2hJ0vh:BaAp3t2dAu/byJR60D0MusT5

Score

N/A

Malware Config

Signatures

Files

c97e9d308e3bd6c5f1d7b8c8751f0bc8efec9720f383c8d367b79f5abb72e9c2
.exe windows x86

b6b668d468e03b5c88b4b632f7cf89c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
ConvertSDToStringSDRootDomainW
ConvertSidToStringSidW
ConvertStringSidToSidW
CreateProcessWithLogonW
EqualSid
ReadEncryptedFileRaw
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegRestoreKeyW
RegSaveKeyW
SystemFunction001
BuildTrusteeWithNameW
ElfNumberOfRecords
EqualPrefixSid
LsaEnumerateTrustedDomains
LsaOpenTrustedDomainByName
RegEnumKeyExW
RegEnumValueW
RegOpenKeyA
RegCreateKeyA
RegCreateKeyExA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

SetVirtualResolution
PolyBezier
SetPixelV
SetViewportOrgEx
CLIPOBJ_cEnumStart
CreatePatternBrush
GetLogColorSpaceW
BitBlt
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectA
DeleteDC
DeleteObject
EndDoc
EndPage
GetDeviceCaps
GetObjectA
GetStockObject
GetTextMetricsA
PatBlt
RealizePalette
SelectObject
SelectPalette
StartPage
TextOutA
SetBitmapBits

kernel32

CloseHandle
CreateEventW
CreateProcessA
FindResourceExA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
InterlockedCompareExchange
InterlockedExchange
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
CancelWaitableTimer
CompareStringW
CreateFileW
DisconnectNamedPipe
FindResourceExW
GetDiskFreeSpaceW
GetLogicalDriveStringsA
GetModuleFileNameW
GetTempFileNameW
GlobalSize
LocalAlloc
LocalFree
LockFileEx
Module32Next
OpenFile
ProcessIdToSessionId
RaiseException
ReadFile
SetPriorityClass
SetThreadLocale
SystemTimeToFileTime
lstrlenW
DisableThreadLibraryCalls
FreeLibrary
GetFileAttributesExW
GetProcAddress
HeapDestroy
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
MultiByteToWideChar
lstrcpyW
CompareStringA
FindResourceW
FormatMessageW
GetLocaleInfoW
GetPrivateProfileSectionNamesW
GetSystemTime
LoadLibraryExW
LoadResource
ReadConsoleInputW
SetMailslotInfo
SetThreadPriority
SizeofResource
lstrcmpiW
lstrcpynW
lstrlenA
CreateDirectoryA
CreateFileA
FindResourceA
FreeLibraryAndExitThread
FreeResource
GetDateFormatA
GetFileAttributesA
GetTimeFormatA
LoadLibraryA
LockResource
MulDiv
RequestDeviceWakeup
SetErrorMode
SetEvent
WriteFile
lstrcpyA
lstrcpynA
GetModuleHandleW
ExitProcess
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
GetLastError
HeapFree
HeapAlloc
GetCurrentDirectoryA
SetCurrentDirectoryA
Beep
SetConsoleCtrlHandler
GetLocalTime
GetCommandLineA
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
GetStdHandle
GetModuleFileNameA
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
VirtualFree
HeapSize
HeapReAlloc
GetModuleHandleA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsDBCSLeadByteEx
ReadConsoleA
GetConsoleCP
ReadConsoleW
SetConsoleMode
GetConsoleMode
WideCharToMultiByte
SetEnvironmentVariableA
SetEnvironmentVariableW
LCMapStringA
LCMapStringW
FindFirstFileW
FindNextFileW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
RtlUnwind
SetFilePointer
GetTimeZoneInformation
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetExitCodeProcess
WaitForSingleObject

oleaut32

VarBstrFromUI1
VarUdateFromDate
VarDecMul
SysStringByteLen
VarUI4FromUI2
LPSAFEARRAY_UserMarshal

user32

AttachThreadInput
TabbedTextOutW
CharNextW
CopyAcceleratorTableA
CreateIconIndirect
DdeReconnect
GetAsyncKeyState
UnhookWindowsHookEx
UnregisterClassW
WINNLSEnableIME
DdeUninitialize
DestroyIcon
SetMenuInfo
CheckRadioButton
wvsprintfA
AdjustWindowRectEx
BeginDeferWindowPos
CharNextA
CreateWindowExA
DefWindowProcA
DeferWindowPos
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawTextA
EnableMenuItem
EndDeferWindowPos
EndDialog
GetClientRect
GetDC
GetDlgItem
GetFocus
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetTopWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
InvalidateRect
IsClipboardFormatAvailable
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadImageA
LoadStringA
MessageBoxA
MoveWindow
PeekMessageA
PostMessageA
PostQuitMessage
RedrawWindow
ReleaseDC
SendMessageA
SetFocus
SetTimer
SetWindowPos
SetWindowTextA
ShowWindow
TranslateAcceleratorA
TranslateMessage
UnregisterClassA
WinHelpA
wsprintfA

Sections

.text
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b6b668d468e03b5c88b4b632f7cf89c7

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

oleaut32

user32

Sections

.text Size: 261KB - Virtual size: 260KB

.rdata Size: 468KB - Virtual size: 468KB

.data Size: 152KB - Virtual size: 163KB

.text
Size: 261KB - Virtual size: 260KB

.rdata
Size: 468KB - Virtual size: 468KB

.data
Size: 152KB - Virtual size: 163KB