826576c802338ce092584d8b7e878e5c4ab5c45b6cd1d7aaf170576dfca82397

Sharing

Copy URL Twitter E-mail

General

Target

826576c802338ce092584d8b7e878e5c4ab5c45b6cd1d7aaf170576dfca82397
Size

397KB
MD5

e44e4167756f04288da45e8bb16f5b16
SHA1

df46c5d74c06f5295796f41c4ec3cb8ca9919d04
SHA256

826576c802338ce092584d8b7e878e5c4ab5c45b6cd1d7aaf170576dfca82397
SHA512

3596f583a04c856bd4d794e934a15d5b07bfa2d1c6e280c6e136986ea583e622dadd02212003cdd13a02b6ff729ef0e6f54f141fc87b26dcf497bad8256e02ae
SSDEEP

12288:BLK0vd1bIXdxwGWrzsmiv8n0RHRPCYO5p3:rvd1bIXdhWsjyMHRhO5N

Score

N/A

Malware Config

Signatures

Files

826576c802338ce092584d8b7e878e5c4ab5c45b6cd1d7aaf170576dfca82397
.exe windows x86

6984a996b5cfe96da42d33ed8d86797e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
MultiByteToWideChar
GlobalUnlock
GetLastError
GetProcAddress
CopyFileA
LoadLibraryA
GetModuleFileNameA
CreateMutexA
CloseHandle
GetTempPathA
DeleteFileA
TerminateProcess
WriteConsoleW
SetStdHandle
ReadConsoleW
LoadLibraryW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
Sleep
GetVolumeInformationA
WideCharToMultiByte
WriteFile
GetWindowsDirectoryA
GetCurrentProcess
GlobalLock
FreeLibrary
GetFileSize
CreateFileA
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
OutputDebugStringW
DuplicateHandle
GetCurrentThread
GetCurrentThreadId
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapFree
HeapAlloc
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
HeapReAlloc
GetCommandLineA
RaiseException
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
CreateSemaphoreW
CreateThread
ExitThread
LoadLibraryExW
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetProcessHeap
ExitProcess
GetModuleHandleExW
GetStdHandle
GetModuleFileNameW
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateFileW

user32

GetWindowThreadProcessId
GetSystemMetrics
OpenClipboard
GetClipboardData
MapVirtualKeyA
GetKeyboardLayout
GetForegroundWindow
GetKeyboardState
GetDC
CloseClipboard
ToAsciiEx
GetKeyState

gdi32

DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

ws2_32

WSAStartup
htons
recv
socket
closesocket
gethostbyname
send
inet_ntoa
getpeername
connect

gdiplus

GdipFree
GdipAlloc
GdipGetImageEncodersSize
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders
GdipSaveImageToFile
GdipCloneImage
GdiplusStartup

Sections

.text
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6984a996b5cfe96da42d33ed8d86797e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ws2_32

gdiplus

Sections

.text Size: 291KB - Virtual size: 291KB

.rdata Size: 80KB - Virtual size: 80KB

.data Size: 9KB - Virtual size: 26KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 291KB - Virtual size: 291KB

.rdata
Size: 80KB - Virtual size: 80KB

.data
Size: 9KB - Virtual size: 26KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 14KB - Virtual size: 13KB