a2103a1ab8a42a9ef5cf8b2030e35bba094065bf8df1da788efd9ef8962f621a

Sharing

Copy URL Twitter E-mail

General

Target

a2103a1ab8a42a9ef5cf8b2030e35bba094065bf8df1da788efd9ef8962f621a
Size

121KB
MD5

bb3df6fde7c9bb88e5b7f0f0bd429bc6
SHA1

67a5ffc8804f28ebf4403bb0fd33823178e0571d
SHA256

a2103a1ab8a42a9ef5cf8b2030e35bba094065bf8df1da788efd9ef8962f621a
SHA512

97397af34f6e7c0a7816dc67b21edee9a7ea10829e98c590edb3503d33d603ab6c8645e486323daf3a66e5fc3ce0cc96229d4c34a2a68f436a7d36f18d28d92a
SSDEEP

3072:Wm3EczfaWYk/kRf5f4ot7MG/IirmzxFtZsB/Be:10UaWYk/Kf14O1vKx7Zr

Score

N/A

Malware Config

Signatures

Files

a2103a1ab8a42a9ef5cf8b2030e35bba094065bf8df1da788efd9ef8962f621a
.exe windows x86

49051e886cff1bf6b305e04f47267021

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

ReadFile
IsProcessorFeaturePresent
HeapReAlloc
GetStringTypeW
LCMapStringW
WriteConsoleW
SetStdHandle
LoadLibraryW
RtlUnwind
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
GetConsoleCP
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
HeapSize
CreateFileW
GetSystemTime
CloseHandle
GetConsoleMode
GetVersionExA
GetSystemInfo
GetLastError
GetNativeSystemInfo
HeapCreate
Sleep
GlobalAlloc
GetProcessHeap
HeapFree
GetModuleFileNameW
GetStdHandle
WriteFile
HeapAlloc
SetFilePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleW
ExitProcess
FlushFileBuffers

user32

EndPaint
GetMessageA
GetClassNameA
GetDlgItemInt
GetSystemMenu
GetWindowRect
IsMenu
InsertMenuItemA
PostQuitMessage
FillRect
GetMenuItemID
SetCapture
GetSubMenu
LoadBitmapA
GetParent
AttachThreadInput
WindowFromPoint
SendMessageA
BeginPaint
GetIconInfo
GetDC
SetDlgItemInt
GetMenu
GetCursorInfo
SetRect
InvalidateRect
CreateWindowExA
ReleaseDC
EnableMenuItem
SetClassLongA
GetMenuState
GetDlgItem
EndDialog
DefWindowProcA
SetWindowPos
GetCursorPos
GetMenuStringA
LoadAcceleratorsA
GetMenuItemCount
IsWindow
DispatchMessageA
GetCursor
LoadImageA
MapWindowPoints
GetDlgItemTextA
SetDlgItemTextA
ModifyMenuA
GetWindowThreadProcessId
RegisterClassA
OffsetRect

gdi32

MoveToEx
LineTo
SelectObject
CreatePatternBrush
PolyBezier
GetStockObject
GetBitmapBits

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
GetSecurityDescriptorSacl
IsValidSid
GetAce
GetFileSecurityW
RegQueryValueExA
GetAclInformation

oleaut32

OleCreateFontIndirect

comctl32

ord17

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49051e886cff1bf6b305e04f47267021

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

comctl32

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 24KB - Virtual size: 24KB