a7224c8cb3418337c6561ed452a74587df5f094f9b9eec8750d139fc66601bb5

Sharing

Copy URL Twitter E-mail

General

Target

a7224c8cb3418337c6561ed452a74587df5f094f9b9eec8750d139fc66601bb5
Size

282KB
MD5

4afd0c491afbe9df92c18cdea19b79e1
SHA1

353eb9d8e19ce2dac7146e680f2d9abc3e684326
SHA256

a7224c8cb3418337c6561ed452a74587df5f094f9b9eec8750d139fc66601bb5
SHA512

c1cbcdacb1ffc56a25e0ffb99b155fc7787dc7358603d2e8e7c1c807e4a2e272d7bddd10f0a47ec3c5f3b7ff67ec34ba734aa58dabe018e28fac71ef5d2c49a2
SSDEEP

6144:5cCRQFnYPKABdxWwBSk0lcRT1385Iwt91L6Igpgtxq:5cCRQFnYXoHcwrtnL6ISgt8

Score

N/A

Malware Config

Signatures

Files

a7224c8cb3418337c6561ed452a74587df5f094f9b9eec8750d139fc66601bb5
.exe windows x86

3820df3314ffa974f20e0f2eb4a27ce2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM

Imports

kernel32

GetStringTypeW
LCMapStringW
RtlUnwind
Sleep
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
SetEvent
GetModuleHandleA
GetStdHandle
WriteFile
ExitProcess
IsProcessorFeaturePresent
GetProcAddress
GetCurrentThreadId
LoadLibraryW
SetStdHandle
WriteConsoleW
HeapReAlloc
HeapSize
CreateFileW
GetLastError
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
CloseHandle
HeapCreate
HeapAlloc
GetSystemTimeAsFileTime
GetModuleFileNameA
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetCurrentProcess
FlushFileBuffers
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
GetStartupInfoW
HeapSetInformation
WaitForMultipleObjects
FreeEnvironmentStringsW
GetProcessHeap
GetCommandLineA
MultiByteToWideChar
GetModuleFileNameW

user32

GetMenu
SetMenuItemInfoA
EndPaint
GetParent
PeekMessageA
DispatchMessageA
ShowWindow
TranslateMessage
GetSysColor
BeginPaint
SetClassLongA
FindWindowA
wsprintfA
ExitWindowsEx
KillTimer
SetWindowTextA
SetWindowLongA
GetClientRect
LoadBitmapA
EnumWindows
CreateWindowExA
LoadImageA
SendMessageA
GetWindowLongA
GetWindowRect
OffsetRect
InflateRect
GetSysColorBrush
FrameRect
FillRect
MessageBoxA
GetForegroundWindow
IsWindow
GetWindow
DestroyWindow
UnregisterClassW
IsWindowVisible
GetDC
InvalidateRect
DrawMenuBar
DefMDIChildProcA
LoadIconA
LoadCursorA
RegisterClassExA

gdi32

MoveToEx
CreateFontIndirectA
GetTextMetricsA
TextOutA
DeleteDC
CreatePen
CreateSolidBrush
CreateCompatibleDC
BitBlt
SetStretchBltMode
StretchBlt
GdiAlphaBlend
StretchDIBits
Rectangle
GetStockObject
EndDoc
SetTextAlign
SelectObject

shell32

DragQueryFileA
DragFinish
DragAcceptFiles

ole32

CoGetMalloc
OleInitialize
CoTaskMemAlloc
OleSetClipboard
OleIsCurrentClipboard
CoMarshalInterface
GetHGlobalFromStream
CoMarshalInterThreadInterfaceInStream
OleFlushClipboard
CoTaskMemFree
OleUninitialize
CreateStreamOnHGlobal

oleaut32

OleLoadPicture
OleSavePictureFile

psapi

GetWsChanges

crypt32

CryptFindLocalizedName
CryptBinaryToStringA

shlwapi

StrChrA
PathFindExtensionA
PathFindFileNameA

comctl32

CreateToolbarEx

gdiplus

GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdiplusStartup

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3820df3314ffa974f20e0f2eb4a27ce2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

psapi

crypt32

shlwapi

comctl32

gdiplus

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 121KB - Virtual size: 128KB

.rsrc Size: 82KB - Virtual size: 82KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 121KB - Virtual size: 128KB

.rsrc
Size: 82KB - Virtual size: 82KB