b1378cc0168beefd7b7891cbd58d5282e9d33fd6c159464d6f728d46797ba76a

Sharing

Copy URL

Twitter E-mail

General

Target

b1378cc0168beefd7b7891cbd58d5282e9d33fd6c159464d6f728d46797ba76a
Size

308KB
MD5

60a8e3138981cf1e483c4800e73c4db3
SHA1

628b16123c244239c968303bf5619b2e97f5fae3
SHA256

b1378cc0168beefd7b7891cbd58d5282e9d33fd6c159464d6f728d46797ba76a
SHA512

4fc9e588ace1d1b0b07a52e654dfa84472ff57402e5d1adb236e25a0cf61cb7c1a5b137513af7ceaf93ca59f8e06f96ebd98f0334c1af207d56334ba09b898e6
SSDEEP

6144:BkJPQvAoH1OnWTQKbfasq7YIRvOOrelhQvnkjauV84Hn44/Vk7McQ:GJPQvAoH1OnJmNq1vVGhQsmF6Bh

Score

N/A

Malware Config

Signatures

Files

b1378cc0168beefd7b7891cbd58d5282e9d33fd6c159464d6f728d46797ba76a
.exe windows x86

2eb619a3ea3dfbc7a5f7dc4b1fa6aa9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM

Imports

kernel32

LCMapStringW
MultiByteToWideChar
WriteConsoleW
SetStdHandle
HeapSize
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
GetStringTypeW
TlsAlloc
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetStdHandle
GetCurrentProcess
HeapReAlloc
FlushFileBuffers
lstrcpyA
GetCurrentThreadId
ConvertDefaultLocale
GetLastError
GlobalUnlock
lstrlenW
CompareStringW
CreateFileW
HeapCreate
Sleep
WriteFile
FormatMessageA
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
CloseHandle
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
GetModuleHandleW
GetProcAddress
HeapFree
GlobalLock
HeapAlloc
SetFilePointer
TlsGetValue
ExitProcess

user32

BeginDeferWindowPos
GetSystemMetrics
IsWindowVisible
DeferWindowPos
SetThreadDesktop
SetWindowTextA
UpdateWindow
GetDlgItemTextA
ShowWindow
EnumWindowStationsW
GetMenuItemInfoA
DefWindowProcA
EndDialog
GetDlgItem
ReleaseDC
SetScrollPos
DialogBoxParamA
EndDeferWindowPos
GetWindow
EndPaint
SetCursor
GetUserObjectInformationA
SetProcessWindowStation
GetWindowRect
GetThreadDesktop
IsIconic
CloseWindowStation
GetFocus
LoadBitmapA
CreateDesktopA
GetProcessWindowStation
GetClientRect
SetFocus
CloseDesktop
SendMessageA
BeginPaint
GetDC
GetForegroundWindow
GetMenu
GetWindowTextA
GetKeyboardLayout
RegisterClipboardFormatA
MessageBoxA
InvalidateRect
GetWindowLongA

gdi32

SetTextJustification
BitBlt
DeleteDC
CreateFontIndirectA
DeleteObject
SelectObject
CreateCompatibleDC
GetKerningPairsA
CreateCompatibleBitmap

shell32

ExtractIconExA

ole32

ReleaseStgMedium

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shlwapi

StrToIntExA

gdiplus

GdipFree
GdipCreateBitmapFromScan0
GdiplusStartup
GdipCloneImage
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipAlloc
GdipGetImageGraphicsContext

imm32

ImmGetOpenStatus
ImmGetConversionStatus
ImmSetOpenStatus
ImmGetContext
ImmReleaseContext

ntdsapi

DsUnBindA

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2eb619a3ea3dfbc7a5f7dc4b1fa6aa9a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

version

shlwapi

gdiplus

imm32

ntdsapi

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 5KB - Virtual size: 12KB

.ndata Size: 27KB - Virtual size: 26KB

.relo Size: 166KB - Virtual size: 166KB

.cdata Size: 10KB - Virtual size: 10KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 5KB - Virtual size: 12KB

.ndata
Size: 27KB - Virtual size: 26KB

.relo
Size: 166KB - Virtual size: 166KB

.cdata
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 6KB - Virtual size: 6KB