Static task: static1
Behavioral task: behavioral1
Sample: f3bb80fbe5f895a25dae1a51be64d07c1ae6ba13000a9a07cd552967e0572be5.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: f3bb80fbe5f895a25dae1a51be64d07c1ae6ba13000a9a07cd552967e0572be5.exe
Resource: win10v2004-20221111-en
General
Target: f3bb80fbe5f895a25dae1a51be64d07c1ae6ba13000a9a07cd552967e0572be5
Size: 1.1MB
MD5: 4b9669b25c2ffce3ef1d98140761b2d3
SHA1: 4dd6aabcf0a585a9d50e35bfb262b6b66869041a
SHA256: f3bb80fbe5f895a25dae1a51be64d07c1ae6ba13000a9a07cd552967e0572be5
SHA512: d7f6a757ed7857b9ad466671e6474227d403ddf06518ce976040f42b3ffae5b69d8d791a22283edccf94630f8cdda06048caa788de0f23d972d4f7cacea18550
SSDEEP: 24576:BWIRlftuibkFmfSDoBHJ2e/kTFgViokluskixLhEd:BWILtfwmfSDoBHJn/kTFgV+luskkGd
Malware Config
Signatures
Files
f3bb80fbe5f895a25dae1a51be64d07c1ae6ba13000a9a07cd552967e0572be5.exe windows x86
40178906b1aa55cb17eddf9fc4628501
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExpandEnvironmentStringsA
FindFirstVolumeW
SetLocaleInfoW
GetCalendarInfoW
FindResourceExA
ResetEvent
GetProfileIntA
GetFileAttributesA
SetPriorityClass
LCMapStringW
GetConsoleAliasesA
SetVolumeMountPointA
GetVolumeInformationA
CreateMutexA
GetTimeFormatW
FlushViewOfFile
FindNextChangeNotification
SetSystemTimeAdjustment
FoldStringW
GetSystemDirectoryA
GetEnvironmentStrings
SetErrorMode
GetModuleHandleA
ExpandEnvironmentStringsW
SetConsoleDisplayMode
GetCurrentProcess
GetDriveTypeW
GetPrivateProfileSectionW
CreateTapePartition
SetComputerNameExA
GetShortPathNameA
GetPrivateProfileStringA
ContinueDebugEvent
DisconnectNamedPipe
SetSystemPowerState
CreateDirectoryExA
GetFileAttributesExW
SetConsoleOutputCP
DeleteTimerQueueTimer
GetModuleFileNameA
GetVersion
OpenThread
GetCPInfoExA
FindResourceA
GetSystemDefaultLCID
GetPrivateProfileIntW
GetProfileStringW
SetInformationJobObject
OpenMutexA
GetFileTime
GetDiskFreeSpaceW
GetStringTypeExA
GetEnvironmentVariableW
CopyFileW
DosDateTimeToFileTime
GetPrivateProfileSectionA
GetNumberFormatA
GetLocaleInfoW
SetEvent
GetCurrentConsoleFont
SetTapeParameters
FlushFileBuffers
GetConsoleWindow
GetACP
CreateMailslotW
OpenWaitableTimerA
CancelIo
GetCPInfo
CreateWaitableTimerW
GetDiskFreeSpaceA
FindAtomA
GetWindowsDirectoryW
GetFullPathNameW
GetTempPathA
GetTempPathW
CreateEventW
GetOEMCP
SetStdHandle
GetVolumeInformationW
GetThreadLocale
CreateTimerQueue
QueryInformationJobObject
IsSystemResumeAutomatic
OpenJobObjectA
SetFileTime
GetNumberOfConsoleInputEvents
GetPrivateProfileStructA
GetConsoleAliasA
OpenWaitableTimerW
FormatMessageA
SetTapePosition
SetWaitableTimer
GetLogicalDrives
MoveFileWithProgressW
AddAtomW
Module32First
SetLocaleInfoA
FreeConsole
GetConsoleAliasExesW
VerifyVersionInfoW
GetBinaryTypeA
ResetWriteWatch
CreateNamedPipeA
LoadResource
GetPrivateProfileSectionNamesA
GetProcAddress
OpenFileMappingW
SetConsoleActiveScreenBuffer
DefineDosDeviceA
DnsHostnameToComputerNameA
GetWindowsDirectoryA
GetConsoleMode
GetUserDefaultUILanguage
SetComputerNameExW
GetHandleInformation
GetBinaryTypeW
FindFirstFileA
FreeEnvironmentStringsW
SwitchToThread
GetConsoleCursorInfo
GetCurrencyFormatA
FreeEnvironmentStringsA
CreateIoCompletionPort
GetCurrentThread
GetConsoleOutputCP
GetVolumeNameForVolumeMountPointA
SetConsoleMode
MapUserPhysicalPagesScatter
GetAtomNameA
SetCurrentDirectoryW
FindAtomW
SetFileAttributesA
Toolhelp32ReadProcessMemory
CreateFileMappingW
GetNamedPipeInfo
GetUserDefaultLCID
ReadFile
WideCharToMultiByte
GetPrivateProfileIntA
GetProfileSectionA
GetProcessWorkingSetSize
CreateMailslotA
SetCalendarInfoW
GetSystemWindowsDirectoryA
DeleteVolumeMountPointA
SetThreadPriority
AssignProcessToJobObject
FlushInstructionCache
FindResourceExW
PostQueuedCompletionStatus
EnumCalendarInfoA
GetConsoleAliasExesLengthA
SetProcessAffinityMask
GetShortPathNameW
GetPrivateProfileStructW
GetPrivateProfileSectionNamesW
OpenMutexW
EnumCalendarInfoW
OpenProcess
CreateSemaphoreA
BindIoCompletionCallback
SetFileAttributesW
VirtualAlloc
EraseTape
GetConsoleAliasExesA
CreateDirectoryW
MoveFileWithProgressA
DeleteFileA
DebugBreak
GetTimeFormatA
VirtualQuery
TlsGetValue
SetNamedPipeHandleState
CreateMutexW
IsBadWritePtr
GetCompressedFileSizeW
DuplicateHandle
IsDebuggerPresent
SystemTimeToFileTime
AreFileApisANSI
GetProfileStringA
WaitForMultipleObjects
ReadProcessMemory
FileTimeToLocalFileTime
CreateFileW
WriteConsoleW
GetCPInfoExW
HeapValidate
FreeUserPhysicalPages
GetModuleHandleW
GetLogicalDriveStringsW
GetVolumePathNameA
Module32Next
GetNamedPipeHandleStateW
CreateJobObjectW
GetProcessIoCounters
GetPriorityClass
GetConsoleAliasesW
lstrcmpW
MapViewOfFileEx
CreateDirectoryA
Module32NextW
CreateDirectoryExW
GetTimeZoneInformation
GetEnvironmentStringsW
GetDiskFreeSpaceExW
lstrcatW
lstrcpynA
GetDateFormatW
GetCurrencyFormatW
MoveFileW
PeekNamedPipe
SetConsoleTextAttribute
GetFileAttributesExA
GetLongPathNameA
GetFileSizeEx
MapUserPhysicalPages
SetHandleInformation
FindNextFileW
ProcessIdToSessionId
GetUserDefaultLangID
LCMapStringA
HeapCreate
SetConsoleCP
GlobalLock
DefineDosDeviceW
GetThreadTimes
GetLocaleInfoA
GetFileInformationByHandle
GetMailslotInfo
ConvertDefaultLocale
GetCalendarInfoA
GetCommandLineW
GetSystemDefaultUILanguage
FlushConsoleInputBuffer
FindFirstVolumeA
GetProcessPriorityBoost
SetConsoleCtrlHandler
CompareStringW
CreateHardLinkW
GetLongPathNameW
GetTapeStatus
FoldStringA
FindResourceW
SetThreadIdealProcessor
GetFileAttributesW
PrepareTape
GetVolumePathNameW
RemoveDirectoryA
SetCalendarInfoA
GetPrivateProfileStringW
GetNumberFormatW
ConvertThreadToFiber
OpenSemaphoreW
GetModuleFileNameW
FreeResource
GetFullPathNameA
FindVolumeMountPointClose
CompareStringA
GetExitCodeThread
OpenFileMappingA
CreateToolhelp32Snapshot
GetConsoleScreenBufferInfo
ChangeTimerQueueTimer
EnumCalendarInfoExW
SetUnhandledExceptionFilter
GetStdHandle
CopyFileExW
DnsHostnameToComputerNameW
DeleteTimerQueueEx
GetAtomNameW
ReplaceFileA
EnumCalendarInfoExA
IsValidCodePage
SetThreadContext
Module32FirstW
GetEnvironmentVariableA
ResumeThread
SetProcessPriorityBoost
ReplaceFileW
FormatMessageW
GetProfileIntW
SetCurrentDirectoryA
GetCurrentDirectoryA
CancelWaitableTimer
SearchPathA
CreateNamedPipeW
QueryPerformanceFrequency
FindFirstVolumeMountPointA
DeleteAtom
OpenJobObjectW
SetProcessWorkingSetSize
CreateEventA
CreateProcessW
GetCompressedFileSizeA
SetThreadAffinityMask
OpenEventA
FindFirstFileExA
GetNamedPipeHandleStateA
GetFileSize
GetProcessAffinityMask
GetProcessVersion
CopyFileExA
CreateFileMappingA
GetFileType
GetProcessTimes
GetConsoleCP
OpenSemaphoreA
ReleaseSemaphore
SetThreadLocale
MultiByteToWideChar
FindFirstFileW
GetStringTypeA
GetSystemDirectoryW
SetThreadPriorityBoost
DeviceIoControl
SetEndOfFile
GetThreadPriority
FindVolumeClose
GetStringTypeW
VerSetConditionMask
GetSystemWindowsDirectoryW
CreateWaitableTimerA
CreateHardLinkA
IsDBCSLeadByteEx
SetMailslotInfo
GetConsoleAliasW
GetDriveTypeA
SetEnvironmentVariableA
SetThreadExecutionState
MapViewOfFile
GetSystemDefaultLangID
GetThreadContext
GetConsoleAliasExesLengthW
HeapReAlloc
HeapAlloc
HeapSize
RtlUnwind
Sleep
HeapFree
TerminateProcess
UnhandledExceptionFilter
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetLastError
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
EncodePointer
DeleteCriticalSection
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
SetHandleCount
WriteFile
DecodePointer
ExitProcess
HeapSetInformation
GetCommandLineA
IsProcessorFeaturePresent
user32
GetGUIThreadInfo
DeleteMenu
SetClassLongW
GetThreadDesktop
ChildWindowFromPointEx
TrackPopupMenuEx
SetWindowLongA
LoadAcceleratorsW
CreateWindowExW
GetClientRect
EnumDisplaySettingsW
AdjustWindowRectEx
IsWindowEnabled
PtInRect
CreateDialogParamW
PeekMessageW
SetMenuDefaultItem
CharUpperBuffW
GetSysColorBrush
AttachThreadInput
EnumChildWindows
WindowFromDC
UnhookWindowsHookEx
KillTimer
CloseWindowStation
CreateIconIndirect
SetTimer
GetActiveWindow
TrackPopupMenu
RegisterWindowMessageW
WaitMessage
SetPropA
GetMessagePos
PeekMessageA
DefWindowProcA
SetPropW
DestroyAcceleratorTable
EnumWindows
GetDC
OpenDesktopW
WindowFromPoint
EmptyClipboard
IntersectRect
SetDlgItemTextA
SetWindowTextW
SetCursorPos
GetMenuItemID
WinHelpA
shell32
SHFileOperationW
SHGetFolderPathW
CommandLineToArgvW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteExW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHChangeNotify
SHGetDesktopFolder
SHBindToParent
SHGetMalloc
Sections
.text Size: 776KB - Virtual size: 776KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 331KB - Virtual size: 331KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 451KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ