0157d68a992d05b90e9ef8bd3dda0647a9db6bd7c62eaf646be4c8cfa59f46bc

Sharing

Copy URL Twitter E-mail

General

Target

0157d68a992d05b90e9ef8bd3dda0647a9db6bd7c62eaf646be4c8cfa59f46bc
Size

367KB
MD5

09f517bdd844d77f7d241366efdd56e0
SHA1

22ab61b4a874485a63d66747a395924282446956
SHA256

0157d68a992d05b90e9ef8bd3dda0647a9db6bd7c62eaf646be4c8cfa59f46bc
SHA512

e40499627e2b306a5e2a0f33980e9a0ff190202a1aa51b1ffe21bb832e4758dd7ffa88c7d8fb207dc6f30b7720b13c795dffcdefd5d9f6fab78616531717f36d
SSDEEP

6144:V8CiJn+2dlueiAg4mvZl+i0bsvQYzNtzvMOZ31jppIELz3JgtCJuigax:bi9+2jjRyl+u5znz0e31jbI0JgIr

Score

N/A

Malware Config

Signatures

Files

0157d68a992d05b90e9ef8bd3dda0647a9db6bd7c62eaf646be4c8cfa59f46bc
.exe windows x86

29c5ee05bb5db86e1db4f9e5e7f34b11

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM

Imports

kernel32

GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryW
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
Sleep
HeapSize
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetStdHandle
WriteConsoleW
HeapReAlloc
FlushFileBuffers
CreateFileW
GetCommandLineW
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetProcessHeap
HeapCreate
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
LeaveCriticalSection
HeapAlloc
lstrcpyA
LoadLibraryA
GetModuleHandleA
QueryPerformanceCounter
EnterCriticalSection
GetCurrentProcess
GetLastError
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
EncodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
CloseHandle

user32

EndDialog
CloseClipboard
MessageBoxA
GetFocus
GetKeyboardLayout
LoadMenuA
EmptyClipboard
CopyImage
OpenClipboard
EndPaint
LoadBitmapA
CharNextA
SetClipboardData
GetWindowRect
SetWindowPos
GetSystemMetrics
SystemParametersInfoA
DefWindowProcA
LoadIconA
LoadCursorA
CreateWindowExA
ShowWindow
SetForegroundWindow
SetFocus
IsWindowVisible
DestroyWindow
SendMessageA
GetDC
ReleaseDC
SetWindowTextA
GetClientRect
BeginPaint
DrawIconEx

gdi32

PatBlt
DeleteObject
GetObjectA
EndPage
StartDocA
StartPage
TextOutA
EnumFontsA
EndDoc
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject

shell32

CommandLineToArgvW
SHGetDesktopFolder

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

StrChrA

comctl32

ord17

gdiplus

GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdiplusStartup

imm32

ImmSetOpenStatus
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

oledlg

ord3

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29c5ee05bb5db86e1db4f9e5e7f34b11

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

version

shlwapi

comctl32

gdiplus

imm32

oledlg

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 80KB - Virtual size: 80KB

.data Size: 23KB - Virtual size: 30KB

.relo Size: 76KB - Virtual size: 75KB

.text2 Size: 60KB - Virtual size: 59KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 88KB - Virtual size: 87KB

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 80KB - Virtual size: 80KB

.data
Size: 23KB - Virtual size: 30KB

.relo
Size: 76KB - Virtual size: 75KB

.text2
Size: 60KB - Virtual size: 59KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 88KB - Virtual size: 87KB