5eeeff350333bae8cc0e8a0fb2117e366e65f513e2b21144a52f70e98474f04a

Sharing

Copy URL

Twitter E-mail

General

Target

5eeeff350333bae8cc0e8a0fb2117e366e65f513e2b21144a52f70e98474f04a
Size

327KB
MD5

af5802e08b93be5ba00e7f52e7012807
SHA1

b493160c357482e4dbec84e750e1d21d9fdafc15
SHA256

5eeeff350333bae8cc0e8a0fb2117e366e65f513e2b21144a52f70e98474f04a
SHA512

ceb82c4cb2e24911ae0e5ee3696761b1b7f5e40291da1c33f6beb6e412bbf17ebd80cfff048867fe2a08e1debbb637c2a5501d53a6aef1cd8401801ee82d8b4e
SSDEEP

6144:FJCvfb//eyEFyOStCMWQUt67Q4yP0hTTyN/+CrU+O+LqO:FJKb//evFyOStoy7yP0VbCA+qO

Score

N/A

Malware Config

Signatures

Files

5eeeff350333bae8cc0e8a0fb2117e366e65f513e2b21144a52f70e98474f04a
.exe windows x86

0868487cadf0d92fa0188ec1ba3b00d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
SetEndOfFile
HeapReAlloc
GetStringTypeW
LCMapStringW
HeapSize
SetStdHandle
WriteConsoleW
LoadLibraryW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
RtlUnwind
InterlockedDecrement
CloseHandle
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetModuleHandleW
GetProcAddress
HeapCreate
IsProcessorFeaturePresent
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
RaiseException
OutputDebugStringA
LoadLibraryExA
FindFirstChangeNotificationA
SetConsoleTitleW
FindNextFileA
FindNextChangeNotification
SetCurrentDirectoryW
LoadLibraryA
FindClose
ExitProcess
EnterCriticalSection
lstrcmpiA
GetCurrentDirectoryW
GetLastError
GetLogicalDriveStringsA
FindFirstFileA
GetStdHandle
GlobalUnlock
MultiByteToWideChar
CreateFileW
GetSystemDirectoryA
GetModuleFileNameW
ReadFile
Beep
LeaveCriticalSection
CreateEventA
Sleep
GlobalAlloc
InitializeCriticalSection
GetDriveTypeA
WriteFile
GetWindowsDirectoryA
FormatMessageA
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
GetLogicalDrives
FindCloseChangeNotification
WaitForSingleObject
GlobalLock
GetCurrentProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree
SetConsoleTextAttribute
HeapAlloc
FreeLibrary
lstrlenA
SearchPathW
GetFileSize
CreateFileA
GetComputerNameA
GetCurrentThreadId

user32

GetWindowThreadProcessId
CheckMenuItem
EndDeferWindowPos
GetWindow
MoveWindow
GetDC
SetCursor
GetMessageA
GetWindowRect
LockSetForegroundWindow
RegisterClassExA
IsIconic
GetClassInfoExA
SetForegroundWindow
LoadBitmapA
LoadIconA
wsprintfA
DialogBoxParamA
SendMessageA
BeginPaint
EnumWindows
GetForegroundWindow
GetWindowTextA
GetAsyncKeyState
MessageBoxA
GetClipboardData
ReleaseDC
GetDlgItem
SetWindowPos
GetCursorPos
ShowWindow
IsWindow
RegisterRawInputDevices
DispatchMessageA
MessageBoxW
GetSystemMetrics
LoadImageA
UpdateWindow
SetClipboardData
GetDlgItemTextA

gdi32

GetBitmapBits
GetWindowOrgEx
GetViewportOrgEx
FrameRgn
GetWindowExtEx
DeleteObject
DPtoLP
SetMapMode
Ellipse
SaveDC
SetViewportExtEx
GetViewportExtEx
GetObjectA
CloseMetaFile
RestoreDC
CreateSolidBrush
TextOutA
SelectObject

comdlg32

GetFileTitleW

advapi32

OpenEventLogA
GetOldestEventLogRecord
CryptAcquireContextA
RegOpenKeyExA
OpenProcessToken
RegisterServiceCtrlHandlerA
RegQueryValueExA
CloseEventLog
RegCloseKey
ReadEventLogA
SetServiceStatus
RegOpenKeyA
GetUserNameA
CryptReleaseContext

shell32

SHGetFileInfoW

ole32

CoCreateInstance
CoUninitialize
CLSIDFromString
CreateStreamOnHGlobal
GetHGlobalFromStream
CoInitialize
CoInitializeEx

oleaut32

LoadTypeLi
RegisterActiveObject
SysFreeString
OleCreatePictureIndirect
LoadRegTypeLi
SafeArrayCreateVector
VariantClear
SysAllocString
SafeArrayAccessData

comctl32

ImageList_GetImageCount
ImageList_Create
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_AddMasked

dnsapi

DnsFree
DnsQuery_W

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0868487cadf0d92fa0188ec1ba3b00d1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

dnsapi

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 165KB - Virtual size: 172KB

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 165KB - Virtual size: 172KB

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 8KB - Virtual size: 7KB