0ad99f5a1059d7a079a4dfa81c6edd33982d815ea31d00e615c0d915288fcd42

Sharing

Copy URL Twitter E-mail

General

Target

0ad99f5a1059d7a079a4dfa81c6edd33982d815ea31d00e615c0d915288fcd42
Size

134KB
MD5

0f5d9358ed723abc5c5cddfb0d626f96
SHA1

5dbd3773bd8c5da660fa5c0745a0fc4c100652d3
SHA256

0ad99f5a1059d7a079a4dfa81c6edd33982d815ea31d00e615c0d915288fcd42
SHA512

dce3412609413a0fc87f271b5097b1cb3d81a84ae0a6b0d76838933f37c6152f1815f088a46d763fc163efa5055e55babf708f4abd1467e3eff47469d6786ca2
SSDEEP

3072:LUc+D1m2QVOWdVdJaydrBm+O84PHVZHw1zvlkocl0w3J:wBm2QVOiVd51m/3Hgq

Score

N/A

Malware Config

Signatures

Files

0ad99f5a1059d7a079a4dfa81c6edd33982d815ea31d00e615c0d915288fcd42
.exe windows x86

e63f9fe5e754ecf42777028ae48e4297

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
DisconnectNamedPipe
WideCharToMultiByte
GetACP
Sleep
TerminateProcess
GetExitCodeProcess
GetCurrentDirectoryW
GetDateFormatA
GlobalUnlock
GetTimeZoneInformation
GetPrivateProfileStringA
CreateProcessA
TlsSetValue
FindClose
GetThreadContext
FreeEnvironmentStringsA
FindFirstFileA
LoadLibraryA
OpenProcess
CreateThread
SetEnvironmentVariableW
SetEvent
EnumSystemLocalesA
VirtualQuery
SetThreadContext
VirtualFreeEx
ReadFile
Thread32Next
GetVersionExA
Process32FirstW
GetLocaleInfoA
HeapDestroy
SetEndOfFile
GetStringTypeA
FatalAppExitA
SleepEx
LCMapStringA
GetFileType
TryEnterCriticalSection
ConnectNamedPipe
SetCurrentDirectoryW
MapViewOfFileEx
CompareStringW
DuplicateHandle
LCMapStringW
OutputDebugStringA
UnhandledExceptionFilter
GetLastError
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
CompareStringA
TlsAlloc
GetStartupInfoA
LeaveCriticalSection
GetFileAttributesW
HeapSize
SetHandleCount
DeviceIoControl
OpenFileMappingA
Thread32First
FileTimeToSystemTime
VirtualProtect
CreateFileMappingA
GetTimeFormatA
IsValidCodePage
CreateProcessW
InitializeCriticalSection
InterlockedIncrement
HeapCreate
CreateNamedPipeA
InterlockedCompareExchange
SetFilePointer
GetUserDefaultLCID
ResumeThread
GetDriveTypeA
ExitThread
CopyFileW
FreeEnvironmentStringsW
FindNextFileW
GetStringTypeW
SystemTimeToFileTime
FlushInstructionCache
GlobalAlloc
GetEnvironmentStringsW
GetEnvironmentStrings
GetModuleFileNameA
GlobalLock
QueryPerformanceCounter
GetModuleHandleW
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
InterlockedExchange
GetConsoleMode
HeapReAlloc
IsDebuggerPresent
GetFullPathNameA
InterlockedDecrement
FormatMessageA
TlsFree
CreateEventW
ResetEvent
CreateFileA
OpenThread
GetFullPathNameW
GetStdHandle
SetConsoleCtrlHandler
WriteFile
GetTickCount
WaitForSingleObjectEx
GlobalFree
SetStdHandle
GetCurrentThread
VirtualAllocEx
FlushFileBuffers
RemoveDirectoryW
CreateDirectoryW
WriteFileEx
GetOEMCP
WriteConsoleW
GetFileSizeEx
GetCurrentDirectoryA
SuspendThread
RtlUnwind
ReadFileEx
CloseHandle
GetCPInfo
SetLastError
CreateMutexW
RaiseException
CreateEventA
FreeLibrary
GetSystemTimeAsFileTime
GetLocaleInfoW
SetFileAttributesW
lstrlenA
ExpandEnvironmentStringsA
IsValidLocale
GetModuleHandleA
GetConsoleCP
GetSystemInfo
PeekNamedPipe
MoveFileExW
SetEnvironmentVariableA
MultiByteToWideChar
DeleteFileW
TlsGetValue
CreateFileW
DeleteCriticalSection
UnmapViewOfFile
CreateToolhelp32Snapshot
FindFirstFileW
VirtualFree
GetCurrentThreadId
WriteConsoleA
GetCurrentProcessId
GetFileInformationByHandle
SetCurrentDirectoryA
LocalFree
LocalAlloc
VirtualProtectEx
GetProcAddress
MulDiv
LoadLibraryW
GetCommandLineA
GetProcessHeap
HeapFree
GetCurrentProcess
HeapAlloc
GetCommandLineW
VirtualAlloc
ExitProcess

user32

GetWindowLongW
IsZoomed
BeginPaint
LoadCursorW
DestroyWindow
GetWindowRect
CallNextHookEx
GetWindowLongA
LoadIconA
GetMessageW
BringWindowToTop
LoadImageW
SetFocus
MoveWindow
LoadCursorA
ScreenToClient
SetClipboardData
CloseClipboard
EndPaint
GetWindowThreadProcessId
PtInRect
SetForegroundWindow
MessageBoxA
DefWindowProcA
UnregisterClassW
SetWindowsHookExW
SetWindowLongW
GetSystemMetrics
SetWindowRgn
OpenClipboard
InflateRect
MessageBoxW
InvalidateRect
TranslateMessage
RegisterClassExW
ReleaseDC
PostMessageW
RegisterClassExA
SetWindowsHookExA
PostQuitMessage
SendMessageW
SetWindowLongA
CreateWindowExW
TrackMouseEvent
EmptyClipboard
ScrollDC
GetClientRect
ShowWindow
DispatchMessageW
GetDC
UnhookWindowsHookEx
DefWindowProcW
CreateWindowExA
LoadIconW
FindWindowW

gdi32

GetStockObject
TextOutA
CreatePen
CreateCompatibleDC
Polygon
StretchBlt
SelectObject
GetDeviceCaps
StretchDIBits
BitBlt
CreateCompatibleBitmap
CreateDIBSection
GetObjectA
DeleteDC
SelectClipRgn
SetTextColor
DeleteObject
SetBkMode
CreateRectRgn

advapi32

AdjustTokenPrivileges
InitializeSecurityDescriptor
CryptDeriveKey
SetSecurityDescriptorDacl
CryptDecrypt
OpenProcessToken
RegOpenKeyExA
RegOpenKeyExW
CryptAcquireContextW
RegQueryValueExA
CryptReleaseContext
RegCloseKey
CryptDestroyKey
CryptCreateHash
CryptHashData
LookupPrivilegeValueA
RegQueryValueExW
CryptDestroyHash

shell32

ShellExecuteW
ShellExecuteA
ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW

winmm

PlaySoundW

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

secur32

QueryContextAttributesW
AcceptSecurityContext
DeleteSecurityContext
EncryptMessage
InitializeSecurityContextW
QueryContextAttributesA
InitializeSecurityContextA
DecryptMessage
AcquireCredentialsHandleW
FreeCredentialsHandle

avifil32

AVIStreamBeginStreaming

msvcrt

sprintf
fputs
fclose
tmpfile

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e63f9fe5e754ecf42777028ae48e4297

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

winmm

rpcrt4

secur32

avifil32

msvcrt

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 63KB

.rsrc Size: 14KB - Virtual size: 14KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 63KB

.rsrc
Size: 14KB - Virtual size: 14KB

.reloc
Size: 2KB - Virtual size: 1KB