278e3b318e3ce640e2a4bef93c0bb66f9f1d4fbc373150ab8a83622901b20dcd

Sharing

Copy URL Twitter E-mail

General

Target

278e3b318e3ce640e2a4bef93c0bb66f9f1d4fbc373150ab8a83622901b20dcd
Size

192KB
MD5

b6947846c9acb9b6f373f9bebcfb1d67
SHA1

74bb69a375f905dbc261415d8636bd933948637a
SHA256

278e3b318e3ce640e2a4bef93c0bb66f9f1d4fbc373150ab8a83622901b20dcd
SHA512

90e29ea3a203a41d23f33a7b5f854cf109bb0fc972d8292a26c3c081050dab68062a0ce3b1bf16ff2eb8ffdcd52a62172b32caf9941a20cd06bfb97e31799b84
SSDEEP

3072:LoHIk8zVGFde07w9IYV1pDd1INXXzOiIm6tiyG7xIKZOq8h87:0HXiGFdHaIYdd1I93uadI8Ob87

Score

N/A

Malware Config

Signatures

Files

278e3b318e3ce640e2a4bef93c0bb66f9f1d4fbc373150ab8a83622901b20dcd
.exe windows x86

2451805c8224ab1990e310f3fd919e93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
CloseHandle
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
ExitProcess
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
GetStringTypeW
HeapReAlloc
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
WriteConsoleW
SetStdHandle
CreateFileA
CreateFileW
SetEndOfFile
GlobalUnlock
GlobalFree
GlobalAlloc
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
GetLocaleInfoW
GetLastError
HeapCreate
HeapAlloc
Sleep
lstrcatA
GetProcAddress
IsValidCodePage
GetOEMCP
GetACP
IsProcessorFeaturePresent
GetCPInfo
GetProcessHeap
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
GetStartupInfoW
HeapSetInformation
GetCommandLineA
RtlUnwind
RaiseException
HeapFree
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
UnhandledExceptionFilter
LoadLibraryA
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement

user32

SystemParametersInfoA
GetSystemMetrics
OffsetRect
OemToCharA
keybd_event
SetForegroundWindow
GetMessageW
FindWindowA
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
ShowWindow
BeginPaint
DispatchMessageW
GetMenuItemID
PostMessageA
GetMenu
FindWindowExA
MessageBoxA
CreateWindowExA
RegisterClassA
LoadBitmapA
wsprintfA
SendMessageA
WinHelpA
SendDlgItemMessageA
EndDialog
LoadStringA
GetMenuStringA
GetDlgItem
EnableWindow
InvalidateRect
DestroyWindow
PostQuitMessage
IsWindowEnabled
CharNextW
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
GetWindowTextA
GetMenuItemCount
LoadCursorA

gdi32

SelectObject
GetStockObject
CreateCompatibleDC
DeleteDC
GetObjectA
SetTextColor
SetBkColor
BitBlt
DeleteObject
CreateFontIndirectA

comdlg32

GetFileTitleA

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW

ole32

CreateBindCtx

netapi32

NetApiBufferFree
NetLocalGroupEnum

iphlpapi

GetNetworkParams

comctl32

ImageList_Add
ord17
ImageList_Create
ord16
ImageList_Destroy
ImageList_AddMasked

rpcrt4

RpcImpersonateClient

gdiplus

GdipSetPathFillMode
GdipFree
GdipAlloc
GdipDeleteBrush
GdipCreatePath
GdipDeletePath
GdipGetImageEncodersSize
GdipCreateSolidFill
GdipCreatePen1
GdipClosePathFigure
GdipAddPathLine
ord1
GdipCreateFromHDC
GdipDrawPath
GdipFillPath
GdipCloneBrush

imm32

ImmAssociateContext

winhttp

WinHttpQueryOption
WinHttpOpen
WinHttpCloseHandle

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2451805c8224ab1990e310f3fd919e93

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

netapi32

iphlpapi

comctl32

rpcrt4

gdiplus

imm32

winhttp

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 6KB - Virtual size: 14KB

.udata Size: 5KB - Virtual size: 4KB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 6KB - Virtual size: 14KB

.udata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 22KB - Virtual size: 21KB