9680c5a21334779e858c88dd01d35fafedd2d359080f813771f8de8c55dca811

Sharing

Copy URL

Twitter E-mail

General

Target

9680c5a21334779e858c88dd01d35fafedd2d359080f813771f8de8c55dca811
Size

284KB
MD5

d4bada7dc36cecb9103aa0c4c3da86ec
SHA1

5b79c30842bdbddbea7c06b224c4f56cc49cd904
SHA256

9680c5a21334779e858c88dd01d35fafedd2d359080f813771f8de8c55dca811
SHA512

927e0659d12df7cf28bf491649df69fae5245f4a642c44e932646e5a7f1d2d07eb398946c2b1ab964cf92de5418c8b9b7e4ec207414db6e50f819c042f8ec9bf
SSDEEP

6144:nrGy4dp5EUQmsBglXEOPdn/oocj+bjmmYVSx6Le46u+LqduD:nx4dp5Fyq39QryYMx6LyKw

Score

N/A

Malware Config

Signatures

Files

9680c5a21334779e858c88dd01d35fafedd2d359080f813771f8de8c55dca811
.exe windows x86

2d8b9e76a674597ae571804b1d123b8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
lstrcpyW
lstrcpyA
HeapSize
HeapReAlloc
LCMapStringW
SetStdHandle
WriteConsoleW
RtlUnwind
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
LoadLibraryW
MultiByteToWideChar
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetFileType
SetHandleCount
GetCurrentThreadId
ReadConsoleOutputCharacterW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
GetModuleFileNameW
WriteFile
HeapCreate
IsProcessorFeaturePresent
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
CloseHandle
FindFirstChangeNotificationA
FindNextFileA
FindNextChangeNotification
LoadLibraryA
FindClose
GetProcAddress
GetLastError
GetLogicalDriveStringsA
FindFirstFileA
GetStdHandle
SetThreadLocale
SetCurrentDirectoryA
CreateDirectoryA
GetComputerNameA
GlobalUnlock
ReleaseSemaphore
GetSystemDirectoryA
CreateSemaphoreA
Sleep
GetVolumeInformationA
GlobalAlloc
GetDriveTypeA
GetWindowsDirectoryA
GetNumberFormatA
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
GetLogicalDrives
FindCloseChangeNotification
WaitForSingleObject
GlobalLock
GetCurrentProcess
SetConsoleTextAttribute
CreateProcessW
AllocConsole
GetLocaleInfoA
UnhandledExceptionFilter
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
ExitProcess
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
HeapAlloc
HeapFree
SetVolumeLabelA
SetLastError
CreateFileW

user32

GetDlgCtrlID
DestroyMenu
UpdateWindow
MapWindowPoints
ActivateKeyboardLayout
GetWindow
GetMessageA
GetWindowRect
MsgWaitForMultipleObjects
GetFocus
LoadBitmapA
WaitForInputIdle
wsprintfA
EndPaint
GetClientRect
SetFocus
SendMessageA
BeginPaint
GetDC
IsDialogMessageA
TranslateMessage
GetForegroundWindow
GetMenu
GetWindowTextA
GetAsyncKeyState
PeekMessageA
ReleaseDC
EnableMenuItem
GetDlgItem
SetWindowLongW
EndDialog
GetCursorPos
SetMenu
IsWindow
CreateWindowExW
DispatchMessageA
CharNextA

gdi32

MoveToEx
FrameRgn
LineTo
GetDeviceCaps
SetBkMode
DeleteObject
SelectObject
DPtoLP
SetMapMode
Ellipse
SaveDC
CreatePen
SetViewportExtEx
SetROP2
GetStockObject
RestoreDC
CreateSolidBrush
EnumFontsA
TextOutA

advapi32

RegOpenKeyExA
OpenProcessToken
GetUserNameW
RegCloseKey
GetUserNameA
RegQueryInfoKeyA
GetCurrentHwProfileA
ConvertStringSidToSidW
RegEnumKeyExA
LookupAccountSidA

shell32

SHGetFolderPathA
SHGetDesktopFolder

ole32

CoUninitialize
CLSIDFromString
CreateILockBytesOnHGlobal
CoInitialize
CoGetClassObject
CoInitializeEx
CoCreateInstance

oleaut32

LoadRegTypeLi
SysFreeString
RegisterActiveObject
VariantChangeType
SysAllocString
VariantInit
VariantClear

netapi32

NetUserGetInfo

shlwapi

StrChrA

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d8b9e76a674597ae571804b1d123b8c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

netapi32

shlwapi

Sections

.text Size: 122KB - Virtual size: 121KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 71KB - Virtual size: 78KB

.rsrc Size: 69KB - Virtual size: 68KB

.text
Size: 122KB - Virtual size: 121KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 71KB - Virtual size: 78KB

.rsrc
Size: 69KB - Virtual size: 68KB