6423bcfdbe226f0c413b75877d3286caa4406c4e691778fce40f0b2d41bf4bb8

Sharing

Copy URL Twitter E-mail

General

Target

6423bcfdbe226f0c413b75877d3286caa4406c4e691778fce40f0b2d41bf4bb8
Size

240KB
MD5

130f067d20c0e3929d646aee29c6b580
SHA1

4f92bd2c72232f8ad519d7e11274df00f9fb2179
SHA256

6423bcfdbe226f0c413b75877d3286caa4406c4e691778fce40f0b2d41bf4bb8
SHA512

4f63d563ca6b46a532f6364c6feeb96882d22346a76c849668aed8aae990daa0923d9bb3c323b4c0a9729e178cd70bb1d3b26e882cba6b123518f1ad798b454e
SSDEEP

6144:Lj3XN21XLiPRe2mERe8OU4l4Am2CVrdyS:L7zpmEMHZm2CVr

Score

N/A

Malware Config

Signatures

Files

6423bcfdbe226f0c413b75877d3286caa4406c4e691778fce40f0b2d41bf4bb8
.exe windows x86

e08b84f33e85be538745c30fc3ecfdef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

VerSetConditionMask

shlwapi

StrStrA
StrSpnA
PathIsRootW

kernel32

GetSystemTime
DebugBreak
AddConsoleAliasA
GlobalAddAtomW
GetFullPathNameW
LocalUnlock
TryEnterCriticalSection
lstrlenA
GetLogicalDrives
FlushConsoleInputBuffer
GetModuleHandleW
GetTickCount
GetProcessHeap
ExpandEnvironmentStringsA
GetNumberFormatA
GetWindowsDirectoryA
GetCompressedFileSizeW
GetCommandLineA
GetVolumePathNameW
GlobalAlloc
GetSystemDirectoryW
GetLocaleInfoW
SetVolumeMountPointA
lstrcpynW
GetTimeFormatW
SetConsoleCursorPosition
VerifyVersionInfoA
GetModuleFileNameW
GetCompressedFileSizeA
GetEnvironmentVariableA
lstrcmpW
IsBadStringPtrA
ReleaseSemaphore
WritePrivateProfileStringW
GetShortPathNameA
SetCurrentDirectoryA
lstrcmpiA
SetFileAttributesA
ResetEvent
CreateSemaphoreW
MoveFileA
FindFirstVolumeMountPointW
GetDiskFreeSpaceA
GlobalHandle
DeviceIoControl
WaitForMultipleObjects
GetOEMCP
FindNextFileA
WriteProfileStringA
GetThreadPriority
lstrcmpiW
SetConsoleTitleW
LoadLibraryExA
lstrcatW
EnumResourceNamesA
GetStringTypeW
FillConsoleOutputAttribute
GetFileTime
GetFileAttributesExW
GetShortPathNameW
OutputDebugStringA
GetWindowsDirectoryW
FindNextVolumeA

user32

ArrangeIconicWindows
GetUserObjectInformationA
GetClassNameA
PostThreadMessageA
GetMessageW
MonitorFromPoint
SendInput
SendDlgItemMessageA
CharNextW
ShowWindowAsync
IsCharAlphaA
IsChild
GetTopWindow
TabbedTextOutW
GetPropA
GetSubMenu
CloseWindowStation
LoadBitmapA
AttachThreadInput
CreateCursor
CreateDesktopA
OpenDesktopW
WindowFromPoint
IsCharLowerA
FindWindowW
GrayStringA
DrawEdge
GetMenuItemInfoW
RegisterWindowMessageA
GetClassLongW
SetPropW
WinHelpA
TranslateMessage
LoadAcceleratorsW
DrawStateA
GetKeyboardLayout
TrackPopupMenuEx
OemToCharA
UnionRect
EnableMenuItem
MapVirtualKeyExW
GetDlgItem
RegisterDeviceNotificationW
SendMessageTimeoutA
GetDesktopWindow
CheckDlgButton
IsDlgButtonChecked
GetActiveWindow
GetMenuItemCount
DdeQueryStringA
SetMenuDefaultItem
DefDlgProcA
SetWindowsHookExW
DeferWindowPos
OpenWindowStationW
DialogBoxIndirectParamA
SetWindowTextW
SetMenuItemInfoW
SetDlgItemTextA
ModifyMenuA
DefFrameProcW
GetClassLongA
GetKeyboardLayoutNameA
EnumWindows

gdi32

BeginPath
MoveToEx
EndPage
RemoveFontResourceA
AddFontResourceA
TranslateCharsetInfo
GetTextExtentPoint32W
GetTextMetricsW
GetTextExtentPoint32A
SetViewportOrgEx
LineTo
DeleteEnhMetaFile
EnumFontsW
GetMetaFileBitsEx
CreateEnhMetaFileA
GetROP2
CreateHatchBrush
GetBkMode
DeleteDC
CreateFontIndirectW
GetDeviceCaps
StretchBlt
GetDIBits
SetDIBColorTable
CreateDCA
GetTextCharsetInfo
CreatePalette
SetAbortProc
CopyMetaFileW
CreateBitmap
UnrealizeObject
LineDDA
DeleteObject
GetPaletteEntries
EnumFontFamiliesExA
PtInRegion
CreatePenIndirect
CreateCompatibleDC
CreateRectRgnIndirect
CombineRgn
GetMapMode
ExtTextOutW
OffsetRgn
FillRgn
SaveDC
GetCharWidth32W
RealizePalette
CreateFontW
SetDIBits
GetObjectW
GetTextAlign
GetTextExtentExPointA
SetStretchBltMode
EnumFontFamiliesA
GetNearestColor
GetTextExtentPointA
CreatePatternBrush
Polyline
CreatePen
PolyBezier
CreateEllipticRgnIndirect
GetFontData
IntersectClipRect
GetObjectA
OffsetViewportOrgEx
ExtTextOutA
GetTextColor
CreateEnhMetaFileW
CloseMetaFile
CreatePolygonRgn

Exports

Exports

?closeSec@@YGKPAK@Z
GoshAbysWentRendPoreRoueUglyNadamumuDoseBraeditel

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e08b84f33e85be538745c30fc3ecfdef

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shlwapi

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 35KB

.data Size: 167KB - Virtual size: 167KB

.init Size: 5KB - Virtual size: 4KB

.code Size: 21KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 5KB

.pdata Size: 512B - Virtual size: 8B

.text
Size: 35KB - Virtual size: 35KB

.data
Size: 167KB - Virtual size: 167KB

.init
Size: 5KB - Virtual size: 4KB

.code
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 5KB

.pdata
Size: 512B - Virtual size: 8B