945325c717a4a160ab6a0a64e216fbc86b229996bf90f438f9b49a9fb51643bd

Sharing

Copy URL

Twitter E-mail

General

Target

945325c717a4a160ab6a0a64e216fbc86b229996bf90f438f9b49a9fb51643bd
Size

183KB
MD5

abe5c0a299ffffb1a7b29bd3ea6fc86c
SHA1

11c08a46161c9c1e13c5b10dda277309f1547429
SHA256

945325c717a4a160ab6a0a64e216fbc86b229996bf90f438f9b49a9fb51643bd
SHA512

04d5c5cf69b64adcdac89fea0f3559939cdf2630780061b60bab89a930924e9e8f0b8f17c7ca2e0a544cfc8f935e6e021262ff6bdf7a9e9525694223f57deaaa
SSDEEP

3072:YLpxTJJWCXx7vCgiFuCiSxS+0qHEC1yhlb4+nFHz6PTGDG:Yt9RdvCgVL4+19q

Score

N/A

Malware Config

Signatures

Files

945325c717a4a160ab6a0a64e216fbc86b229996bf90f438f9b49a9fb51643bd
.exe windows x86

d193838ecdd973eadde0ff03b273c761

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
DestroyWindow
CreateWindowExA
CallWindowProcA
MessageBoxW
ExitWindowsEx
LoadStringA
MsgWaitForMultipleObjects
PeekMessageA
SetWindowLongA
TranslateMessage
MessageBoxA
MapVirtualKeyExA
CharPrevA
LookupIconIdFromDirectoryEx
IsCharAlphaA
EnumDesktopsA
GetDialogBaseUnits
SwapMouseButton
GetTopWindow
FlashWindow
CloseWindowStation
GetScrollBarInfo
SetCursor

ole32

CoLoadLibrary
CoRegisterPSClsid
CLSIDFromString
ProgIDFromCLSID
CoRevokeMallocSpy
CoCreateInstanceEx

advapi32

OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
LookupPrivilegeValueA

gdi32

ArcTo
CreateDCA
AddFontMemResourceEx
CombineRgn
CopyEnhMetaFileA

opengl32

glColor3f
wglSetLayerPaletteEntries
glVertex2d
glTexCoord3s
glStencilFunc
wglCreateLayerContext
glFogfv
glVertex3iv

dbghelp

SymMatchString
SymGetLinePrev64
SymFindFileInPath
SymSetContext
SymGetModuleBase64

kernel32

UnhandledExceptionFilter
TerminateProcess
GetStringTypeW
GetStringTypeA
WriteConsoleA
LCMapStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
VirtualAlloc
InitializeCriticalSection
RtlUnwind
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
VirtualProtect
VirtualQuery
LCMapStringW
CompareFileTime
GetOEMCP
GetCPInfo
HeapAlloc
GetCurrentProcessId
QueryPerformanceCounter
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
TlsFree
GetTempPathA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
MulDiv
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
LoadLibraryExA
WaitForSingleObject
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA
lstrcmpA
lstrcmpiA
GetVersion
GetSystemDirectoryA
lstrcatA
lstrlenA
GetTempFileNameA
RemoveDirectoryA
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
LoadLibraryA
SetErrorMode
SetFileTime
ExitProcess
CopyFileA
GetTickCount
Sleep
SetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetShortPathNameA
SearchPathA
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
FindResourceA
FormatMessageA
GetACP
GetCommandLineA
GetCurrentProcess
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDefaultLCID
GetSystemInfo
GetUserDefaultLangID
GetVersionExA
GetWindowsDirectoryA
IsDBCSLeadByte
SetWaitableTimer
CreateWaitableTimerA
SetLastError
CreateMutexA
LocalSize
FreeUserPhysicalPages
FillConsoleOutputCharacterA
EnumSystemLocalesA
GetSystemTimeAsFileTime
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
RaiseException
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d193838ecdd973eadde0ff03b273c761

Headers

DLL Characteristics

File Characteristics

Imports

user32

ole32

advapi32

gdi32

opengl32

dbghelp

kernel32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 37KB - Virtual size: 47KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 37KB - Virtual size: 47KB

.rsrc
Size: 29KB - Virtual size: 28KB