0806715eaf1942e6f3cb054352bd676a34bb36c7b25c62dd92ddf1a5964654b8

Sharing

Copy URL Twitter E-mail

General

Target

0806715eaf1942e6f3cb054352bd676a34bb36c7b25c62dd92ddf1a5964654b8
Size

367KB
MD5

3b4082dfe4c8743d4f83733cc3ee30e0
SHA1

c8e4c45db3488f19c921813bde7ffd9edcb6e800
SHA256

0806715eaf1942e6f3cb054352bd676a34bb36c7b25c62dd92ddf1a5964654b8
SHA512

3ab95e972b136c0fd4b17729964426938634a23e2ae75ab7f8ce9c4c4106e1feb1034beb6bb2251339c1c4e042f56450732836eb3212eb187c3415c776463a36
SSDEEP

6144:eQPMhwj0q91duVXEtvNLx1mpoYQgvSJ79DB4ZDYzC6H/LDw5UQ9d3c:eGHuVOvNtspoYQgvY7FqiGF6

Score

N/A

Malware Config

Signatures

Files

0806715eaf1942e6f3cb054352bd676a34bb36c7b25c62dd92ddf1a5964654b8
.exe windows x86

998a45adb1ffa78a3a3e48d46e3e04f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdiplusShutdown
GdipDrawImageRectRect
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromStream
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDrawString
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipGetFamilyName
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipDeleteFontFamily
GdipGetFontCollectionFamilyCount
GdipNewInstalledFontCollection
GdipFillRectangleI
GdipFillRectangle
GdipTranslateTextureTransform
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateTexture2
GdipGetImageWidth
GdipGetImageHeight
GdiplusStartup

kernel32

GetTickCount
QueryPerformanceCounter
HeapCreate
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
SetLastError
GetLastError
CreateMutexW
CloseHandle
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
RaiseException
GetCurrentProcess
FlushInstructionCache
LoadLibraryW
GetProcAddress
CreateEventW
SetEvent
WaitForSingleObject
FindFirstFileW
DeleteFileW
FindNextFileW
GetCurrentProcessId
MultiByteToWideChar
lstrlenW
LocalAlloc
CreateDirectoryW
LocalFree
CreateFileW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetLocalTime
InitializeCriticalSection
SetFilePointer
WriteFile
DeleteCriticalSection
GetModuleFileNameW
GetModuleFileNameA
lstrcpyW
GetModuleHandleW
FreeLibrary
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
OutputDebugStringW
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
LoadLibraryA
ReadFile
VirtualFree
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetStartupInfoW
GetSystemTimeAsFileTime
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetModuleHandleA
SetEndOfFile
CreateFileA
WideCharToMultiByte
IsProcessorFeaturePresent

user32

SendMessageW
PtInRect
SetRectEmpty
GetClientRect
UpdateLayeredWindow
CallWindowProcW
GetClassInfoW
GetWindowRect
PostQuitMessage
DefWindowProcW
CopyRect
RegisterClassW
TrackMouseEvent
SetFocus
SetWindowPos
SystemParametersInfoW
ReleaseCapture
SetCapture
UnionRect
BeginPaint
OffsetRect
UnregisterClassA
IntersectRect
KillTimer
SetCursor
DestroyWindow
IsWindow
SetRect
InvalidateRect
GetWindowLongW
SetWindowLongW
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
ShowWindow
PostMessageW
FindWindowW
wsprintfW
SetTimer
EndPaint

gdi32

SelectObject
CreateDIBSection
DeleteDC
CreateCompatibleDC
BitBlt
DeleteObject

advapi32

AllocateAndInitializeSid
InitializeSecurityDescriptor
FreeSid
SetSecurityDescriptorDacl
SetEntriesInAclW

shell32

SHGetSpecialFolderPathW

ole32

CreateStreamOnHGlobal

oleaut32

SysFreeString

shlwapi

PathRemoveFileSpecW
PathFileExistsW

comctl32

InitCommonControlsEx

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

998a45adb1ffa78a3a3e48d46e3e04f0

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

Sections

.text Size: 192KB - Virtual size: 192KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 7KB - Virtual size: 16KB

.rsrc Size: 52KB - Virtual size: 51KB

.reloc Size: 78KB - Virtual size: 80KB

.text
Size: 192KB - Virtual size: 192KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 7KB - Virtual size: 16KB

.rsrc
Size: 52KB - Virtual size: 51KB

.reloc
Size: 78KB - Virtual size: 80KB