f862e64e8ddcac24802d41445420018249eac617dcc7aeff80ff1ce0fde840d3

Sharing

Copy URL Twitter E-mail

General

Target

f862e64e8ddcac24802d41445420018249eac617dcc7aeff80ff1ce0fde840d3
Size

1.3MB
MD5

d9d2d8d8486a14cce110bab79ea94e31
SHA1

8ef76acaec7e77a4c23ed554ff6c7771b619561d
SHA256

f862e64e8ddcac24802d41445420018249eac617dcc7aeff80ff1ce0fde840d3
SHA512

3f931178594b7eea67f23ebcbae60f4c96e893cf366595bcc6181e1388808ca32066832ca6feddcf178366d8ed4a67ba8e7bf5f0eaaf7a25ed5b3e68227f828b
SSDEEP

24576:PAUdEHVP2KDbCazro5M1PmbvIDFxAOKFoK3SuNBYgrop9R:Rs1PmbQF4Gn

Score

N/A

Malware Config

Signatures

Files

f862e64e8ddcac24802d41445420018249eac617dcc7aeff80ff1ce0fde840d3
.exe windows x86

1eaaed33142341b8b4042c703d1e25cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
CreateMailslotA
GetCPInfo
GetShortPathNameA
GlobalUnlock
ChangeTimerQueueTimer
ResumeThread
ExpandEnvironmentStringsA
MapViewOfFile
OpenThread
GetSystemDefaultLCID
SetConsoleActiveScreenBuffer
SetThreadLocale
GetThreadPriority
CreateFileMappingA
lstrcmpA
GetProcAddress
SetCurrentDirectoryW
GetProcessAffinityMask
LCMapStringW
GetLocaleInfoW
FindNextChangeNotification
GetCurrencyFormatA
GetProcessWorkingSetSize
CreateMailslotW
SetCalendarInfoA
CreateDirectoryExA
FindFirstFileExA
GetWindowsDirectoryA
GetSystemDirectoryW
OpenWaitableTimerA
GetThreadLocale
FindFirstFileA
OpenMutexW
FormatMessageA
CreateNamedPipeW
EnumCalendarInfoA
OpenJobObjectW
VirtualQuery
CreateJobObjectW
CopyFileExA
GetCompressedFileSizeA
GetPrivateProfileStructA
CreateFileMappingW
FoldStringA
MapViewOfFileEx
MoveFileExW
CreateToolhelp32Snapshot
GetNamedPipeHandleStateW
GetVolumeInformationW
CreateMutexA
FindResourceExA
CancelIo
GetNamedPipeHandleStateA
SuspendThread
WritePrivateProfileStringW
CreateEventA
GetCurrentDirectoryA
LoadResource
CreateSemaphoreW
GetDateFormatW
GetStringTypeA
GetExitCodeProcess
DeleteTimerQueueTimer
GetDiskFreeSpaceW
ConvertDefaultLocale
GetStartupInfoW
FlushInstructionCache
OpenFileMappingW
GetDiskFreeSpaceExW
GetFileSizeEx
AddAtomW
GetTimeFormatW
CreateJobObjectA
OpenFileMappingA
DefineDosDeviceW
GetComputerNameW
GetProfileIntW
DuplicateHandle
SetLocaleInfoW
Module32Next
GetTimeFormatA
FoldStringW
GetEnvironmentVariableA
ReadProcessMemory
RemoveDirectoryW
SetErrorMode
FlushViewOfFile
GetVolumeNameForVolumeMountPointA
GlobalAddAtomW
GetEnvironmentVariableW
PrepareTape
IsBadReadPtr
CreateProcessW
DeleteTimerQueue
GetNumberFormatW
CopyFileA
FreeEnvironmentStringsA
CreateFileW
VirtualAlloc
GetConsoleCP
RtlUnwind
GetHandleInformation
MoveFileWithProgressA
AssignProcessToJobObject
lstrcpyA
CreateTapePartition
GetPrivateProfileSectionNamesA
GetTempPathW
SetThreadPriority
TlsFree
GetDriveTypeW
GetTimeZoneInformation
GetSystemWindowsDirectoryW
GetProcessVersion
CreateSemaphoreA
GlobalLock
GetLocaleInfoA
GetCommandLineA
SetFileTime
GetUserDefaultLCID
IsBadWritePtr
CompareStringW
SetPriorityClass
IsDBCSLeadByteEx
GetStdHandle
CreateProcessA
GetDiskFreeSpaceExA
LoadLibraryExA
GetVersion
GetSystemDefaultUILanguage
lstrcmpW
OutputDebugStringW
GetFileInformationByHandle
GetPrivateProfileSectionW
GetPriorityClass
GetConsoleScreenBufferInfo
Toolhelp32ReadProcessMemory
EnumCalendarInfoExA
SetEndOfFile
SetConsoleTextAttribute
GetPrivateProfileSectionNamesW
SetThreadExecutionState
GetPrivateProfileStructW
ReplaceFileA
GetNumberOfConsoleInputEvents
Module32First
CreateDirectoryW
GetModuleHandleA

user32

CallWindowProcA
CheckRadioButton
FindWindowA
EnumChildWindows
GetWindowTextW
EnableMenuItem
MoveWindow
PeekMessageW
LoadAcceleratorsW
LoadIconW
GetAltTabInfoA
LoadImageA
UnregisterClassA
EnumThreadWindows
SetWindowRgn
IsWindowVisible
SendMessageW
ShowCursor
UpdateWindow
DialogBoxParamA
LoadStringA
MonitorFromWindow
PostMessageA
GetClassNameW
LoadIconA

comctl32

InitializeFlatSB
DestroyPropertySheetPage
ImageList_LoadImageA
ImageList_Replace
ImageList_EndDrag
CreateStatusWindowW
ImageList_Write
ImageList_DragEnter
InitCommonControlsEx
ImageList_DrawEx
CreatePropertySheetPageA
ImageList_SetBkColor
ImageList_SetImageCount
ImageList_LoadImageW
ImageList_Remove
FlatSB_GetScrollInfo
ImageList_GetBkColor
ImageList_AddMasked
ImageList_SetDragCursorImage
ImageList_Read
ImageList_SetIconSize
ImageList_GetIcon
FlatSB_SetScrollPos
ImageList_Destroy
ImageList_GetImageCount
ImageList_GetIconSize
FlatSB_SetScrollInfo
ord17
ImageList_DrawIndirect
_TrackMouseEvent
ImageList_DragMove
PropertySheetW
ImageList_BeginDrag
ImageList_Draw
ImageList_Copy
ImageList_ReplaceIcon
FlatSB_GetScrollPos
FlatSB_SetScrollProp
ImageList_Create
CreatePropertySheetPageW
ImageList_GetImageInfo
ImageList_DragLeave
ImageList_SetOverlayImage
ImageList_Add
ImageList_GetDragImage
PropertySheetA

shell32

SHBrowseForFolderW
SHGetSpecialFolderLocation
SHFileOperationW
SHBindToParent
CommandLineToArgvW
SHGetFolderPathW
SHGetMalloc
SHGetFileInfoW
SHChangeNotify
SHGetDesktopFolder
ShellExecuteW
SHGetSpecialFolderPathW
ShellExecuteExW

ole32

HICON_UserMarshal
CLSIDFromString
CoFreeUnusedLibraries
OleInitialize
HPALETTE_UserUnmarshal
WriteFmtUserTypeStg
CoRegisterMessageFilter
CoGetInterfaceAndReleaseStream
OleConvertIStorageToOLESTREAM
OleCreateFromFile
HBITMAP_UserUnmarshal
MonikerCommonPrefixWith
OleCreateLinkToFile
ReadClassStg
OleNoteObjectVisible
OleBuildVersion
CoCreateGuid
OleDraw
HICON_UserSize
StgSetTimes
CoGetObject
OleFlushClipboard
CoGetMalloc
OleRegGetUserType
CoEnableCallCancellation
CoGetCallContext
OleGetIconOfFile
OleCreateLinkFromData
StgCreatePropStg
CreateDataCache
CreateFileMoniker
StgCreateDocfileOnILockBytes
CoCopyProxy
CoLockObjectExternal
CoGetMarshalSizeMax

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_XcptFilter
_exit
_c_exit
memcmp

Sections

.text
Size: 737KB - Virtual size: 736KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1eaaed33142341b8b4042c703d1e25cc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comctl32

shell32

ole32

msvcrt

Sections

.text Size: 737KB - Virtual size: 736KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 619KB - Virtual size: 619KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 737KB - Virtual size: 736KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 619KB - Virtual size: 619KB

.rsrc
Size: 14KB - Virtual size: 13KB