11be2db02410a396a43cbfcf1ea69f85b9f281b152db600ab8a60988c2a12eb9

Sharing

Copy URL Twitter E-mail

General

Target

11be2db02410a396a43cbfcf1ea69f85b9f281b152db600ab8a60988c2a12eb9
Size

1.1MB
MD5

000cd966ae4822d596e171711e251cc0
SHA1

2669c8b612f153d87e6365a18df9745681e46206
SHA256

11be2db02410a396a43cbfcf1ea69f85b9f281b152db600ab8a60988c2a12eb9
SHA512

6531c5a910f77831aa42305a116e1d9574d0e14fea3a89d684ccd0227f0dd64b54cb5ab7c505a285f68f8e28eb3ce5436edd29e0de208dfd56baffadef47ef2d
SSDEEP

24576:O0369iwbTMpHAqS/imotDau7zRRQJYRMYDTymdZni1w4FnHe:O3ogkpJIlYDTldZie0e

Score

N/A

Malware Config

Signatures

Files

11be2db02410a396a43cbfcf1ea69f85b9f281b152db600ab8a60988c2a12eb9
.exe windows x86

5527eed427c1c05c81ed50977c5ce3aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryW
FlushFileBuffers
CreateFileW
ReadFile
FileTimeToSystemTime
GetFileAttributesW
SetFileAttributesW
WriteFile
CreateDirectoryW
MoveFileExW
SystemTimeToFileTime
SetFilePointer
GetFileSize
CopyFileW
LocalFree
LocalAlloc
GetSystemDirectoryW
GetProcAddress
MultiByteToWideChar
LoadLibraryW
WideCharToMultiByte
GetModuleHandleW
CreateProcessW
GlobalAlloc
GlobalFree
GetCurrentThreadId
GetCurrentProcess
FormatMessageW
ExitThread
DuplicateHandle
CreateThread
InitializeCriticalSectionAndSpinCount
CreateMutexW
OpenMutexW
ReleaseMutex
GetCommandLineW
GetCurrentProcessId
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetVersionExW
FreeLibrary
SetUnhandledExceptionFilter
OutputDebugStringW
lstrlenW
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
FindResourceW
LoadResource
SizeofResource
LockResource
GlobalLock
GlobalUnlock
GlobalHandle
InterlockedExchange
GetSystemTime
LoadLibraryA
RaiseException
GetLocaleInfoA
TerminateProcess
UnhandledExceptionFilter
HeapFree
HeapAlloc
HeapReAlloc
FileTimeToLocalFileTime
GetDriveTypeW
GetStartupInfoW
GetSystemTimeAsFileTime
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RtlUnwind
GetFileType
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeW
CompareStringA
CompareStringW
HeapSize
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapCreate
VirtualFree
VirtualAlloc
GetFullPathNameW
GetCurrentDirectoryA
SetHandleCount
GetStartupInfoA
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetModuleHandleA
SetStdHandle
SetEndOfFile
GetProcessHeap
GetStringTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
SetEnvironmentVariableA
SetLastError
InterlockedDecrement
ReadFileEx
DisconnectNamedPipe
GetOverlappedResult
CreateNamedPipeW
WaitForSingleObjectEx
ConnectNamedPipe
InterlockedCompareExchange
WaitForMultipleObjects
Sleep
OpenEventW
SetEvent
DeleteCriticalSection
CreateEventW
GetLastError
GetTempPathW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
ResumeThread
CloseHandle
WaitForSingleObject
DeleteFileW
FindNextFileW
FindClose
FindFirstFileW
GetModuleFileNameW
VirtualQuery
InterlockedIncrement

user32

ReleaseCapture
GetLastInputInfo
SetCapture
SetWindowRgn
InvalidateRect
LoadImageW
FindWindowW
SetFocus
BeginPaint
PtInRect
TranslateMessage
RegisterClassExW
OffsetRect
IntersectRect
MoveWindow
SetWindowPos
GetCursorPos
SetLayeredWindowAttributes
CreateWindowExW
AdjustWindowRectEx
CloseWindow
EnableWindow
SetWindowTextW
GetMonitorInfoW
DefWindowProcW
MonitorFromRect
DispatchMessageW
DrawTextW
GetDesktopWindow
wvsprintfW
GetWindowRect
GetForegroundWindow
GetWindowLongW
SystemParametersInfoW
GetSystemMetrics
EndPaint
DestroyWindow
SetCursor
SetTimer
GetMessageW
MonitorFromPoint
PostQuitMessage
FillRect
SetForegroundWindow
PostMessageW
IsWindow
GetDC
ReleaseDC
GetParent
LoadCursorW
SetWindowLongW
SubtractRect

advapi32

RegOpenKeyExW
RegSetValueExW
RegOpenKeyW
RegCloseKey
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
SetSecurityDescriptorSacl
RegCreateKeyExW
LookupAccountSidW
GetTokenInformation
OpenProcessToken
GetLengthSid
RegQueryValueExW

shell32

SHGetFolderPathW
SHFileOperationW
ShellExecuteW

imm32

ImmDisableIME

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

msimg32

TransparentBlt
AlphaBlend

gdi32

SelectClipRgn
MoveToEx
LineTo
GetStockObject
CreatePolygonRgn
CombineRgn
CreateRectRgn
SetViewportOrgEx
Rectangle
CreatePen
CreateSolidBrush
GetFontData
StretchDIBits
CreateFontIndirectW
CreateCompatibleBitmap
GetObjectW
BitBlt
SetTextColor
DeleteDC
CreateDIBSection
StretchBlt
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC

Sections

.text
Size: 812KB - Virtual size: 811KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.lrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5527eed427c1c05c81ed50977c5ce3aa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

imm32

version

msimg32

gdi32

Sections

.text Size: 812KB - Virtual size: 811KB

.rdata Size: 133KB - Virtual size: 132KB

.data Size: 19KB - Virtual size: 39KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 52KB - Virtual size: 52KB

.lrdata Size: 68KB - Virtual size: 68KB

.text
Size: 812KB - Virtual size: 811KB

.rdata
Size: 133KB - Virtual size: 132KB

.data
Size: 19KB - Virtual size: 39KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 52KB - Virtual size: 52KB

.lrdata
Size: 68KB - Virtual size: 68KB