40b23827534bd2921d539deddd018f7dbed1f905d5eae2d7ee21c2d83d331a41

Sharing

Copy URL Twitter E-mail

General

Target

40b23827534bd2921d539deddd018f7dbed1f905d5eae2d7ee21c2d83d331a41
Size

312KB
MD5

a54eb69dcefc9017a7075b75a4c69dcf
SHA1

68acb3d5f27117536b92d61a1995605c0e1c7427
SHA256

40b23827534bd2921d539deddd018f7dbed1f905d5eae2d7ee21c2d83d331a41
SHA512

d96c9ad389b005ba1cd5817a837f084b2e621ae4077de3842d8176a951f915625c5bc6c390cb4a5b85ea277d10197d606b8907179b13a48e4920af9320fbdb89
SSDEEP

6144:Tj75yoxzfJsD126lShErCqE8HLVRJeYKUTRhqwJ8oV:f75yYOrAmCqE8HLzTiQ

Score

N/A

Malware Config

Signatures

Files

40b23827534bd2921d539deddd018f7dbed1f905d5eae2d7ee21c2d83d331a41
.exe windows x86

6b9ffe9b77260208882875c956ad286e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
CompareStringA
MultiByteToWideChar
CompareStringW
SetEnvironmentVariableA
HeapSize
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RaiseException
HeapAlloc
InitializeCriticalSectionAndSpinCount
GetStdHandle
WriteFile
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
HeapFree
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
ExitProcess
GetModuleHandleW
GetSystemTimeAsFileTime
lstrcpyA
CreateThread
OutputDebugStringA
CreateMutexA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
lstrcmpiA
GetLastError
lstrlenW
lstrcatA
GetModuleFileNameW
ReadProcessMemory
Sleep
GetCommandLineA
OutputDebugStringW
WaitForSingleObject
GetCurrentProcess
lstrlenA
RtlUnwind
lstrcmpA

user32

VkKeyScanExW
VkKeyScanW
UpdateLayeredWindow
VkKeyScanExA
TrackPopupMenuEx
MessageBoxA
TileWindows
MessageBoxW

gdi32

CreateDIBPatternBrush
GetICMProfileW
CancelDC
SetViewportOrgEx
LPtoDP
ColorCorrectPalette
GetWindowExtEx
SetMetaRgn
CreatePolyPolygonRgn
SetICMProfileA
GetOutlineTextMetricsA
UpdateICMRegKeyW
GetROP2
InvertRgn
StretchBlt
SetDIBColorTable
SetArcDirection
CreateHalftonePalette
RemoveFontMemResourceEx
GetRgnBox
UnrealizeObject
SelectObject
UpdateICMRegKeyA
SelectClipRgn
RemoveFontResourceExW
PlayEnhMetaFile
CombineRgn
GetMapMode
SetPolyFillMode
ScaleViewportExtEx
SelectPalette
GetSystemPaletteUse
SetStretchBltMode
SetTextCharacterExtra
PolyBezierTo
CreateRectRgn
SetTextJustification
GetTextMetricsA
RoundRect
GetStretchBltMode
IntersectClipRect
GetObjectA
GetStockObject
PaintRgn
GetTextColor
SetSystemPaletteUse
RestoreDC
GetRasterizerCaps
GetRandomRgn
StrokeAndFillPath
SetGraphicsMode
SelectClipPath
GetLayout
RemoveFontResourceA
SetWindowOrgEx
CreatePolygonRgn
CreateEllipticRgn
StrokePath
Pie

ole32

CoCreateInstance

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b9ffe9b77260208882875c956ad286e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 49KB - Virtual size: 48KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 204KB - Virtual size: 203KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 49KB - Virtual size: 48KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 204KB - Virtual size: 203KB