c27f316de93e488a6337d46475c8f9d1f0db9af50629620a6eca9210b9e95e4f

Sharing

Copy URL Twitter E-mail

General

Target

c27f316de93e488a6337d46475c8f9d1f0db9af50629620a6eca9210b9e95e4f
Size

206KB
MD5

81b312dbcf901aadfd2d05a0c8492f77
SHA1

ed62246d25084c3f6f75b81fc3f22761a3cfdd98
SHA256

c27f316de93e488a6337d46475c8f9d1f0db9af50629620a6eca9210b9e95e4f
SHA512

68027cb7eeed3f5c467b93826a9e0d2cd56ae9f2d8a65d19b9b2546da0c8edc322ad12d1c7905f25ab681cb2940602c816142727d7385cfa7b736630bb52b471
SSDEEP

3072:tkc9SuLNh03ID2bXrudQDNJRlYK/M1UO8n/G:TP04WPNJR20M1UO8u

Score

N/A

Malware Config

Signatures

Files

c27f316de93e488a6337d46475c8f9d1f0db9af50629620a6eca9210b9e95e4f
.exe windows x86

23382420483c30893f741c9f679538d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
PostQueuedCompletionStatus
LocalFree
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
GetTickCount
GetSystemTimeAsFileTime
GetSystemInfo
ReleaseSemaphore
ResetEvent
GetModuleHandleW
GetFileAttributesA
LoadLibraryA
GetCommandLineW
GetDriveTypeA
GetProcessHeap
HeapAlloc
GetFileAttributesW
VirtualAllocEx
WideCharToMultiByte
WaitForSingleObject
UnhandledExceptionFilter
TerminateProcess
Sleep
SetUnhandledExceptionFilter
SetThreadPriority
SetEvent
CancelIo
GetSystemDirectoryW
GetQueuedCompletionStatus
GetModuleHandleA
GetLocalTime
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetComputerNameW
ExpandEnvironmentStringsW
ExitProcess
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateSemaphoreW
CreateIoCompletionPort
CreateEventW
CloseHandle
ResumeThread

user32

LoadCursorA
GetKeyState
SendMessageA
GetMenu
EnableMenuItem
LoadBitmapA
GetSysColor
DestroyWindow
IsDlgButtonChecked
wsprintfW
CharUpperW
CharLowerW

gdi32

CreatePatternBrush
CloseEnhMetaFile
CreateMetaFileW
SetTextColor
CreateSolidBrush
DeleteMetaFile
AddFontResourceA
GetFontLanguageInfo
GdiFlush
GetBkMode
EndPage
CloseFigure
CreateCompatibleDC
GetLayout
SelectObject
DeleteObject
AddFontResourceW
BeginPath
DeleteDC
EndDoc

advapi32

RegQueryValueExA
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
MakeSelfRelativeSD
LookupAccountNameW
IsValidSid
InitializeSecurityDescriptor
InitializeAcl
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
GetTokenInformation
GetLengthSid
AddAccessDeniedAce
AddAccessAllowedAce
RegisterServiceCtrlHandlerW
RegisterTraceGuidsW
ReportEventW
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetServiceStatus
StartServiceCtrlDispatcherW
TraceMessage
UnregisterTraceGuids
RegOpenKeyA
RegisterEventSourceW

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleRun

msvcrt

wcstok
wcsstr
wcslen
wcscspn
wcscpy
wcscmp
wcschr
_CxxThrowException
_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_adjust_fdiv
_beginthreadex
_c_exit
_cexit
_controlfp
_endthreadex
_except_handler3
_exit
_getche
_initterm
_onexit
_purecall
_ui64tow
_vsnwprintf
_wcsicmp
_wcsnicmp
_wtoi64
exit
free
iswspace
localtime
malloc
printf
swprintf
towupper
wcscat

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23382420483c30893f741c9f679538d9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msvcrt

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 158KB - Virtual size: 157KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 158KB - Virtual size: 157KB

.rsrc
Size: 40KB - Virtual size: 39KB