5de3479f36a2866dc696c942bc0a98dfbecf56976462a0e39ea473e994e06269

Sharing

Copy URL

Twitter E-mail

General

Target

5de3479f36a2866dc696c942bc0a98dfbecf56976462a0e39ea473e994e06269
Size

420KB
MD5

ebce3cd2beb4aeee4b52570794118d74
SHA1

eb76c59efccbdba78ef8f3d3c9cb3a2c2928beed
SHA256

5de3479f36a2866dc696c942bc0a98dfbecf56976462a0e39ea473e994e06269
SHA512

637871a6a81fbeae1a7af2e0ba2d3ab0ce9039843360cc440ed2c947181e79fe6522962a0a2d02b39111abd980f14f2ccb21ab82e15acbba86e23b50518d15d8
SSDEEP

6144:xWxJXrQ+Fx8KepLkpCFJzF5mowX/BcD0dpQ9TBNWJ/x+nZ/3T:Mbzx8KeGpWzFtwdK9TbWJa3T

Score

N/A

Malware Config

Signatures

Files

5de3479f36a2866dc696c942bc0a98dfbecf56976462a0e39ea473e994e06269
.exe windows x64

3336d3431fa9e93504311122e8803373

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

wsock32

setsockopt
socket
getpeername
getsockname
htons
select
send
recv
connect
WSAStartup
gethostname
gethostbyname
WSACleanup
inet_addr
closesocket
ioctlsocket

wtsapi32

WTSEnumerateSessionsA

wininet

InternetCheckConnectionA

iphlpapi

DeleteIpForwardEntry
GetIpForwardTable
CreateIpForwardEntry

urlmon

URLDownloadToFileA

kernel32

GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThreadId
GetComputerNameA
GlobalMemoryStatus
GetLastError
GetCurrentProcess
lstrcmpiA
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
GetSystemTime
lstrlenA
MultiByteToWideChar
SetLastError
LocalFree
FormatMessageA
GlobalFree
GlobalGetAtomNameA
GetModuleHandleA
lstrcmpA
GetCurrentProcessId
LocalAlloc
TlsGetValue
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
CompareStringA
GetModuleHandleW
GlobalFlags
DeleteFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
CreateFileA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GetFileAttributesA
GetLocaleInfoA
GetCPInfo
GetOEMCP
InitializeCriticalSection
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
RtlUnwindEx
CreateDirectoryA
RaiseException
RtlPcToFileHeader
HeapAlloc
HeapFree
HeapReAlloc
HeapQueryInformation
HeapSize
ExitProcess
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
SetStdHandle
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetSystemInfo
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
GetCurrentDirectoryA
GetVersionExA
GetWindowsDirectoryA
SetFileAttributesA
CloseHandle
GetModuleFileNameA
LockResource
GetExitCodeThread
LoadLibraryA
GetProcAddress
GlobalUnlock
CreateProcessA
SizeofResource
Sleep
TerminateThread
WideCharToMultiByte
GlobalAlloc
WaitForSingleObject
GlobalLock
LoadResource
FreeLibrary
FindResourceA
EnterCriticalSection
LeaveCriticalSection
ExitThread
GetConsoleOutputCP

user32

CreateWindowExA
PostMessageA
GetClientRect
SetForegroundWindow
SetMenu
MapWindowPoints
GetMessagePos
GetMessageTime
SetWindowLongPtrA
GetWindowLongPtrA
DestroyWindow
GetTopWindow
RemovePropA
GetPropA
SetPropA
GetClassLongPtrA
GetClassLongA
GetCapture
WinHelpA
LoadIconA
RegisterWindowMessageA
CheckMenuItem
EnableMenuItem
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostQuitMessage
DestroyMenu
GetClassInfoExA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowsHookExA
CallNextHookEx
GetKeyState
PeekMessageA
ValidateRect
SetWindowPos
IsWindow
GetDlgItem
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetClassNameA
PtInRect
SetWindowTextA
LoadCursorA
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
SendMessageA
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ReleaseDC
GetDC
GetWindowRect
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
SwitchDesktop
CloseDesktop
GetSystemMetrics
CopyRect
DefWindowProcA
CallWindowProcA
GetMessageA
SetTimer
KillTimer
WaitForInputIdle
wsprintfA
TranslateMessage
GetForegroundWindow
GetWindowTextA
DispatchMessageA
FindWindowA
GetMenu

gdi32

CreateBitmap
GetStockObject
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
ScaleWindowExtEx
SetWindowExtEx
GetClipBox
SetMapMode
PtVisible
RectVisible
TextOutA
DeleteDC
DeleteObject
GetDIBits
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps

advapi32

CryptAcquireContextA
CryptHashData
CryptDeriveKey
CryptDecrypt
CryptDestroyHash
CryptReleaseContext
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyA
RegQueryValueExA
RegSetValueExA
CryptEncrypt
GetUserNameA
CryptCreateHash

winmm

timeGetTime

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

oleaut32

VariantChangeType
VariantClear
VariantInit

Sections

.text
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3336d3431fa9e93504311122e8803373

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

wtsapi32

wininet

iphlpapi

urlmon

kernel32

user32

gdi32

advapi32

winmm

oleacc

winspool.drv

oleaut32

Sections

.text Size: 293KB - Virtual size: 293KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 11KB - Virtual size: 38KB

.pdata Size: 18KB - Virtual size: 17KB

Shared Size: 512B - Virtual size: 4B

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 293KB - Virtual size: 293KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 11KB - Virtual size: 38KB

.pdata
Size: 18KB - Virtual size: 17KB

Shared
Size: 512B - Virtual size: 4B

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 10KB - Virtual size: 9KB