65f86829ef25927006b880969919c01abce26a2c67b1fdb98c23b238ec75cb00

Sharing

Copy URL Twitter E-mail

General

Target

65f86829ef25927006b880969919c01abce26a2c67b1fdb98c23b238ec75cb00
Size

112KB
MD5

b5648e217744fdb35b0cc03c456aadcb
SHA1

9dee390534dfb6b66674850f49a91d7b8a681645
SHA256

65f86829ef25927006b880969919c01abce26a2c67b1fdb98c23b238ec75cb00
SHA512

7820176b0fc03088ef9293fe5b1fa35ad03599d5b2a71b0b435e26be896c3f3050908f36a1143524be87e3dafff2f6f951fa44c5808b517687ad4ac813a1d850
SSDEEP

1536:7CYrptw78joGajbhvl2kfzjRSOn25OkJrQMCvhaG5W0UnFXth5x3e/u0f:7CYo7aMjbBvR4rQMZUW0UnFXt9O/u0f

Score

N/A

Malware Config

Signatures

Files

65f86829ef25927006b880969919c01abce26a2c67b1fdb98c23b238ec75cb00
.exe windows x86

56c3a7f1b7bde2c2c44e910fb797e943

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
HeapSize
WriteConsoleW
LCMapStringW
GetStringTypeW
FlushFileBuffers
GetCurrentThreadId
CreateFileW
CloseHandle
Sleep
GetSystemTimeAsFileTime
LocalFree
GetCommandLineA
WritePrivateProfileStringA
HeapAlloc
GetPrivateProfileStringA
GetLastError
lstrlenW
HeapCreate
WideCharToMultiByte
GetProcessHeap
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
MultiByteToWideChar
GetStartupInfoW
RtlUnwind
EncodePointer
DecodePointer
RaiseException
IsProcessorFeaturePresent
GetProcAddress
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
HeapFree
GetVersion
SetHandleCount
GetEnvironmentStringsW
GetModuleHandleW
FreeEnvironmentStringsW
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
HeapSetInformation

user32

CheckDlgButton
GetDlgItem
CreateWindowExA
InvalidateRect
GetWindowPlacement
IsDialogMessageA
WinHelpA
BeginPaint
ShowWindow
GetClientRect
wsprintfA
LoadMenuA
SendDlgItemMessageA
PostQuitMessage
InsertMenuItemA
SetWindowPlacement
DestroyWindow
IsWindow
GetKeyboardType
SetWindowTextA
SendMessageA
RegisterClassA
GetDlgItemTextA
MoveWindow
GetWindow
EnableWindow
DefWindowProcW
SetDlgItemTextA

gdi32

SetMapMode
CreateDIBSection
CreateFontIndirectA
CreateDCA
GetRegionData
DeleteObject
SaveDC
GetStockObject
RestoreDC
TextOutA

winspool.drv

EnumPrintersA

comdlg32

ChooseFontA
GetOpenFileNameW

advapi32

CryptReleaseContext
RegQueryValueExA
RegCloseKey
RegOpenKeyA
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptAcquireContextA
CryptSetKeyParam

shell32

SHGetDesktopFolder

ole32

CoUninitialize
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoGetMalloc

oleaut32

SysFreeString
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetRecordInfo
VariantInit
SafeArrayUnlock
VariantClear
SysAllocString

wininet

InternetOpenA

shlwapi

SHDeleteKeyA
SHDeleteValueA

comctl32

ImageList_Draw

gdiplus

GdipDeleteFont
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipSetStringFormatAlign
GdipDeleteFontFamily
GdipDeleteBrush
GdipSetStringFormatLineAlign
GdipDisposeImage
GdipCreateFont
GdipDrawString
GdipCreateFontFamilyFromName
GdipFillRectangleI
GdipCreateStringFormat
GdipDeleteStringFormat
GdipFree
GdipAlloc
GdipCloneBrush
GdipCreateSolidFill

wtsapi32

WTSQuerySessionInformationA

uxtheme

IsAppThemed

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56c3a7f1b7bde2c2c44e910fb797e943

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

wininet

shlwapi

comctl32

gdiplus

wtsapi32

uxtheme

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 15KB - Virtual size: 22KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 15KB - Virtual size: 22KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 17KB - Virtual size: 17KB