390a5326e6a14b7f0e86e84e4bc569049665286e8f2442052830b6ca62484564

Sharing

Copy URL Twitter E-mail

General

Target

390a5326e6a14b7f0e86e84e4bc569049665286e8f2442052830b6ca62484564
Size

399KB
MD5

66e13c3b898a776ea66c80a3f0656054
SHA1

a96b5e08732ad97c7e5c9450ebe1498d2f04c188
SHA256

390a5326e6a14b7f0e86e84e4bc569049665286e8f2442052830b6ca62484564
SHA512

1585d91f7d46649c4e2fffb1a8ab1fafc573f1acd92d78af1aa7a058d45cfec9332b05ce0ad43fbf159a6748c470b744f7f348f5655dbdcb6d3565ef586d3e1c
SSDEEP

6144:NF4wuz1u1t3tfwYuHb5EB88SZBYmP3pXp7uSNP3qEDNCoLeK2ZHWbUuPCg:NF7SE1t3tf0Hb5OSb/PvRzQoLUWbUuag

Score

N/A

Malware Config

Signatures

Files

390a5326e6a14b7f0e86e84e4bc569049665286e8f2442052830b6ca62484564
.exe windows x86

deefc503b2913c5560a11062f02cc1b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
HeapSize
HeapReAlloc
RtlUnwind
LCMapStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
LoadLibraryW
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
WriteConsoleW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetStdHandle
WriteFile
Sleep
IsProcessorFeaturePresent
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetCPInfo
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
ReadFile
FlushFileBuffers
lstrcpyA
DeleteFileA
GetCurrentProcessId
CloseHandle
GetVersionExA
FindNextFileA
LoadLibraryA
FindClose
BackupWrite
GetProcAddress
GetLastError
FindFirstFileA
GlobalUnlock
SetConsoleTitleA
lstrlenW
MultiByteToWideChar
GetACP
lstrcatA
GetUserDefaultLCID
HeapCreate
UnhandledExceptionFilter
TerminateProcess
WideCharToMultiByte
GlobalAlloc
FormatMessageA
GetConsoleTitleA
GetProcessHeap
GetCurrentThread
GetTickCount
GlobalLock
QueryPerformanceCounter
GetComputerNameA
GetCurrentProcess
lstrlenA
CreateFileA
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
ExitProcess
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualAlloc
VirtualProtect
HeapAlloc
HeapFree
GetFullPathNameA
CreateFileW

user32

UpdateWindow
SetClipboardData
FindWindowA
DestroyIcon
SetScrollInfo
GetWindow
SetWindowTextA
IsWindowVisible
ScrollWindowEx
MessageBoxW
OpenClipboard
IsWindow
ShowWindow
DefWindowProcA
GetDlgItem
ReleaseDC
CreateWindowExA
GetClipboardData
GetWindowLongA
GetAncestor
MoveWindow
PostQuitMessage
InvalidateRect
MessageBoxA
GetScrollInfo
EndPaint
EnumDisplayMonitors
CloseClipboard
GetClassNameA
ScreenToClient
GetWindowRect
FillRect
SetForegroundWindow
LoadStringA
LoadBitmapA
GetParent
LoadIconA
InvalidateRgn
wsprintfA
DrawIcon
GetClientRect
SendMessageA
BeginPaint
EnumWindows
GetDC
GetWindowTextA
SetWindowLongA

gdi32

SetWindowOrgEx
FrameRgn
LineTo
GetDeviceCaps
CreateFontIndirectA
SetBkMode
DeleteObject
SelectObject
SelectClipRgn
DPtoLP
SetMapMode
Ellipse
SaveDC
CreatePen
SetViewportExtEx
SetROP2
SetTextAlign
GetObjectA
GetStockObject
RestoreDC
CreateSolidBrush
TextOutA
MoveToEx

winspool.drv

DeviceCapabilitiesW

advapi32

RegEnumValueA
OpenThreadToken
RegCloseKey
FreeSid
AllocateAndInitializeSid
RegDeleteValueA
LsaClose
RegOpenKeyExA
RegCreateKeyExA
EqualSid
GetTokenInformation
OpenProcessToken

shell32

Shell_NotifyIconW

ole32

CoCreateGuid
CoInitialize
StgCreateDocfileOnILockBytes
CoGetClassObject
OleGetClipboard
CreateILockBytesOnHGlobal
OleSetContainedObject
StringFromCLSID
CLSIDFromProgID
CoUninitialize
CoCreateInstance
OleCreateStaticFromData
CoTaskMemFree

oleaut32

VariantInit
SysFreeString
VariantChangeType
GetActiveObject
VariantClear
SysAllocString

ws2_32

bind
WSACleanup
WSAStartup
getsockopt
socket
closesocket

netapi32

NetLocalGroupAddMember
NetUserAdd
Netbios
NetApiBufferFree
NetSessionEnum

winmm

timeGetTime

comctl32

CreateToolbarEx

rpcrt4

RpcBindingFree
RpcBindingFromStringBindingA
RpcStringBindingComposeA
UuidCreate

rasapi32

RasDialA
RasGetErrorStringA
RasHangUpA

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

deefc503b2913c5560a11062f02cc1b3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

ws2_32

netapi32

winmm

comctl32

rpcrt4

rasapi32

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 268KB - Virtual size: 277KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 268KB - Virtual size: 277KB

.rsrc
Size: 6KB - Virtual size: 6KB