dfe5cd16930da56623994302e606f04c136f4450266bd6ff42f1d6bb7390ee7c

Sharing

Copy URL Twitter E-mail

General

Target

dfe5cd16930da56623994302e606f04c136f4450266bd6ff42f1d6bb7390ee7c
Size

465KB
MD5

1ccdf7903d11ccf35a4192fb72dd6792
SHA1

edebfe153137c3548b6b36e76820e8367ccf6b78
SHA256

dfe5cd16930da56623994302e606f04c136f4450266bd6ff42f1d6bb7390ee7c
SHA512

9b3de1544dba525b33dba3033b4afd76fa9a45d7ea38c8524e8a6c58f2493b48d2386cca872dce4a96e36d244ed6d120d1269dd40797c1876b40ba2b2465d96c
SSDEEP

12288:5qHvq5R58APsDdjvXcOKne4Q668aJ8/fvYm:58vK8AMzcD31b1R

Score

N/A

Malware Config

Signatures

Files

dfe5cd16930da56623994302e606f04c136f4450266bd6ff42f1d6bb7390ee7c
.exe windows x86

28434c647c933f38c18b20087569b937

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

lstrcpyA
CompareStringW
WriteConsoleW
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapReAlloc
HeapSize
GetTimeZoneInformation
Sleep
GetStringTypeW
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
LoadLibraryW
MultiByteToWideChar
GetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
ExitProcess
CreateFileA
GetFileSize
GlobalAlloc
ReadFile
GlobalUnlock
CloseHandle
GetProcAddress
FreeLibrary
GetSystemInfo
HeapCreate
InitializeCriticalSection
FindResourceA
LoadResource
LockResource
FreeResource
SizeofResource
lstrcmpiA
GetProcessHeap
HeapAlloc
HeapFree
SuspendThread
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleHandleW
RtlUnwind
RaiseException
lstrcmpiW
SetEnvironmentVariableA
GetUserDefaultLangID
FindResourceExA
FindResourceExW
lstrlenA
CreateFileW
GetFileInformationByHandle
GlobalLock
LoadLibraryA

user32

ReleaseDC
GetMenu
GetWindowLongA
GetDC
InvalidateRect
DispatchMessageA
ShowWindow
EnumWindows
CreateDialogParamA
ScrollWindow
TranslateMessage
GetMessageA
UpdateWindow
CreateWindowExW
GetSysColorBrush
LoadCursorA
PostQuitMessage
GetScrollInfo
SetScrollInfo
ShowCursor
SystemParametersInfoA
LoadIconA
GetKeyNameTextA
MapVirtualKeyA
GetDialogBaseUnits
BeginPaint
GetClientRect
DrawTextA
EndPaint
DefWindowProcA
GetCursorPos
SendMessageW
GetSubMenu
GetMenuItemRect
DdeInitializeA
GetMenuItemID
FindWindowA
SetWindowTextA
SetWindowLongA
MessageBoxA
IsWindow
GetDlgItem
GetForegroundWindow
SetWindowPos
SetForegroundWindow
LockSetForegroundWindow
DestroyAcceleratorTable
GetDlgItemTextW
LookupIconIdFromDirectory
CreateIconFromResource
GetWindow
GetClassNameA
DestroyMenu
SetMenu
SendMessageA
GetClassNameW
wsprintfA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextW
CreateMenu
AppendMenuA
UnregisterHotKey

gdi32

SetPaletteEntries
CreateBitmapIndirect
CreatePen
SelectObject
Pie
DeleteObject
Chord
GetObjectA
UnrealizeObject
GetCurrentObject
CreateFontIndirectA
GetTextMetricsA
TextOutA
SetTextAlign
CreateCompatibleDC
BitBlt
SetStretchBltMode
StretchBlt
DeleteDC

advapi32

OpenEventLogW
GetOldestEventLogRecord
ReadEventLogA

ole32

ReleaseStgMedium
CreateStreamOnHGlobal
RegisterDragDrop
CoLockObjectExternal
CoInitialize
CoCreateGuid

oleaut32

OleLoadPicture
OleSavePictureFile

odbc32

ord31
ord75
ord9
ord13
ord39
ord7
ord72
ord12
ord19
ord24
ord4
ord111
ord107

ws2_32

socket
getsockopt
WSALookupServiceEnd
WSALookupServiceNextA
WSAGetLastError
closesocket
WSACleanup
bind
inet_addr
WSAStartup
WSALookupServiceBeginA

avifil32

AVIFileOpenA
AVIFileInit

avicap32

capGetDriverDescriptionA

msvfw32

ICGetInfo
ICSendMessage
ICOpen
ICCompressorFree
ICCompressorChoose
ICClose

winmm

mciGetErrorStringA
mciSendCommandA

iphlpapi

SendARP

comctl32

InitCommonControlsEx
ImageList_GetIcon
ImageList_SetOverlayImage
ImageList_LoadImageA

gdiplus

GdiplusShutdown
GdiplusStartup

opengl32

glClearColor
glClear

powrprof

GetPwrCapabilities

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.basa
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.odata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28434c647c933f38c18b20087569b937

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

odbc32

ws2_32

avifil32

avicap32

msvfw32

winmm

iphlpapi

comctl32

gdiplus

opengl32

powrprof

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 5KB - Virtual size: 12KB

.basa Size: 163KB - Virtual size: 163KB

.odata Size: 53KB - Virtual size: 52KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 101KB - Virtual size: 100KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 5KB - Virtual size: 12KB

.basa
Size: 163KB - Virtual size: 163KB

.odata
Size: 53KB - Virtual size: 52KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 101KB - Virtual size: 100KB

.reloc
Size: 9KB - Virtual size: 9KB