d4384a14fef95a8e85c7dcfa04475fef501be9810625f7e1ab8bc46ce754ce03

Sharing

Copy URL Twitter E-mail

General

Target

d4384a14fef95a8e85c7dcfa04475fef501be9810625f7e1ab8bc46ce754ce03
Size

188KB
MD5

0c7f24f7f5b73be7b7d0cb80dd85637c
SHA1

cbf61dbe4d4ae8df8b281d2cfc92a4575de130de
SHA256

d4384a14fef95a8e85c7dcfa04475fef501be9810625f7e1ab8bc46ce754ce03
SHA512

3875a196074473e4c95f3a3f89e7f52295eeff57c5b24be2440a61cac826b0c41fa16f2fd15efc9aabc09513cf752d87d3689e74bc8723ed22e7711bff0d26c2
SSDEEP

3072:U+CgbC8u90cPN8kht341+pTHu9aodYuqQTRcaCALZ:Xg0cPN34ApjTT2

Score

N/A

Malware Config

Signatures

Files

d4384a14fef95a8e85c7dcfa04475fef501be9810625f7e1ab8bc46ce754ce03
.exe windows x86

390fb04dcea972e9fa2eae048a1a40a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
CryptReleaseContext
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegCreateKeyExA

gdi32

GetPaletteEntries
DeleteObject
GetDeviceCaps

kernel32

LockResource
LoadResource
FindResourceA
CreateEventW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
FindFirstFileA
FindFirstFileW
LocalReAlloc
GetFileAttributesA
GetModuleFileNameW
GetModuleHandleW
SetFileAttributesA
SetFileAttributesW
SizeofResource
GetPrivateProfileIntW
GetTempPathA
GetTempPathW
SetLastError
CopyFileA
CopyFileW
RemoveDirectoryA
RemoveDirectoryW
CreateMutexW
LoadLibraryW
GetPrivateProfileStringA
GetPrivateProfileStringW
CreateProcessW
FindClose
SetErrorMode
InterlockedExchange
GlobalAddAtomA
GlobalDeleteAtom
GetSystemTimeAsFileTime
GetACP
GetVersionExW
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedIncrement
InterlockedDecrement
CreateFileMappingW
IsDBCSLeadByte
GetProcessTimes
GetLocalTime
FlushFileBuffers
GetAtomNameA
lstrcmpA
FindNextFileW
FindNextFileA
GetTickCount
DeleteCriticalSection
IsBadReadPtr
DebugBreak
TerminateProcess
LoadLibraryA
GetVersionExA
RaiseException
GetCurrentThreadId
EnterCriticalSection
GetModuleFileNameA
CreateFileMappingA
MapViewOfFile
CreateEventA
CreateMutexA
GetCurrentProcess
DuplicateHandle
lstrcpynA
GetPrivateProfileIntA
CreateProcessA
SetEvent
UnmapViewOfFile
LeaveCriticalSection
GetProcAddress
FreeLibrary
SetFilePointer
WriteFile
GetModuleHandleA
InitializeCriticalSection
SetUnhandledExceptionFilter
GetCommandLineW
LocalAlloc
GetCommandLineA
MultiByteToWideChar
LocalFree
Sleep
GetLastError
ExitProcess
lstrlenA
lstrlenW
WaitForSingleObject
ReleaseMutex
CloseHandle
GetCurrentProcessId
WideCharToMultiByte

user32

RegisterWindowMessageA
GetCursorPos
GetDoubleClickTime
LoadMenuA
GetSubMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
DestroyIcon
SetFocus
KillTimer
SetTimer
DestroyWindow
TranslateMessage
LoadStringA
MessageBoxA
DefWindowProcA
DefWindowProcW
DispatchMessageA
DispatchMessageW
GetMessageA
GetMessageW
GetWindowLongA
GetWindowLongW
LoadCursorA
LoadCursorW
CreateIconFromResource
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
LoadImageA
DestroyMenu
TrackPopupMenuEx
LoadStringW
PostMessageA
PostMessageW
PostThreadMessageA
PostThreadMessageW
CharNextA
SetWindowLongA
SetWindowLongW
CreateWindowExA
CreateWindowExW
FindWindowExA
FindWindowExW
MessageBoxW
LoadImageW
RegisterWindowMessageW
SendMessageTimeoutA
SystemParametersInfoA
SystemParametersInfoW
RegisterClassExA
RegisterClassExW
GetClassInfoExA
GetClassInfoExW
FindWindowW
SendMessageTimeoutW
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
wvsprintfA
GetWindowTextA
IsWindow

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

390fb04dcea972e9fa2eae048a1a40a6

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

user32

Sections

.text Size: 44KB - Virtual size: 40KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 136KB - Virtual size: 134KB

.text
Size: 44KB - Virtual size: 40KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 136KB - Virtual size: 134KB