1d43354784ca57a6d0bcd8fc4314f42770c27fbb98c880424b2b1d9c0209fb29

Sharing

Copy URL

Twitter E-mail

General

Target

1d43354784ca57a6d0bcd8fc4314f42770c27fbb98c880424b2b1d9c0209fb29
Size

335KB
MD5

46038c082cce7db80c88f4cd0541782a
SHA1

dce1de9d8193dffb02275837778bd02dc7c321c9
SHA256

1d43354784ca57a6d0bcd8fc4314f42770c27fbb98c880424b2b1d9c0209fb29
SHA512

b5a734c4621b35aff23c8ff0d4dd66efcf7c1a8ef5db20461ba992441ca9b896aea72972d29f07c8bb1b67a8d213ee335d38a098562e97382e49e38b0f66dece
SSDEEP

3072:QlIHttMF7GAAe7DSaqByBGclJomL2BuU7f61uQf23EmkEa3Eyr8Q3oXb0NENXNvQ:QwMF7GF7CJRYiuC2U0yr8Tr3Q

Score

N/A

Malware Config

Signatures

Files

1d43354784ca57a6d0bcd8fc4314f42770c27fbb98c880424b2b1d9c0209fb29
.exe windows x86

566af2db67c78daa292b8381911ac914

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TileWindows
GetMenu
EnumPropsExA
UnhookWinEvent
RegisterClipboardFormatW
GetWindowRgn
GetMessageW
EnumDisplayDevicesW
LoadAcceleratorsA
ToUnicode
GetMenuItemRect
ExcludeUpdateRgn
DrawTextA

advapi32

LookupAccountNameW
ReportEventW
DeleteAce
RevertToSelf
RegQueryMultipleValuesA
RegOpenKeyW
AccessCheckAndAuditAlarmW
RegCreateKeyA
NotifyBootConfigStatus

wininet

InternetCanonicalizeUrlA
DeleteUrlCacheGroup
GopherGetAttributeA
InternetCreateUrlW
FtpRenameFileW
FtpRemoveDirectoryW
InternetAutodial

gdi32

CombineTransform
CombineRgn
Chord
CreateDIBSection
ArcTo
CreateDIBPatternBrushPt

kernel32

GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleA
GetConsoleOutputCP
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
InitializeCriticalSection
LoadLibraryExA
WriteConsoleW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
WaitForSingleObject
SetWaitableTimer
GetLastError
CreateWaitableTimerA
FreeLibrary
SetSystemTimeAdjustment
ConvertDefaultLocale
CommConfigDialogA
GetWriteWatch
CreateRemoteThread
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
GetCommandLineA
GetVersionExA
GetStartupInfoA
GetProcAddress
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCPInfo
OutputDebugStringA
HeapFree
GetModuleHandleA
ExitProcess
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
HeapAlloc
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WideCharToMultiByte
GetTimeZoneInformation
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
Sleep
GetLocaleInfoW
LCMapStringA
LCMapStringW
VirtualAlloc
HeapReAlloc

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

566af2db67c78daa292b8381911ac914

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

wininet

gdi32

kernel32

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 48KB - Virtual size: 54KB

.rsrc Size: 196KB - Virtual size: 195KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 48KB - Virtual size: 54KB

.rsrc
Size: 196KB - Virtual size: 195KB