ff24d4c7846e7c4dda7c95490e659b7bb6207d33d033ac05fa4b5aa200153966

Sharing

Copy URL Twitter E-mail

General

Target

ff24d4c7846e7c4dda7c95490e659b7bb6207d33d033ac05fa4b5aa200153966
Size

428KB
MD5

5bc4ec7b14c944d12db80bcb57281151
SHA1

609eec6bee81f936f4906190383ff44d49f4724a
SHA256

ff24d4c7846e7c4dda7c95490e659b7bb6207d33d033ac05fa4b5aa200153966
SHA512

ed153c9a93fbd05bed78aef66072cef0ae72fb3243b940e2f2b489d90d0f0ca94887497dd0964a70684883f28aaa2950612bf7b1d06d0bde8b9933d942632d6d
SSDEEP

12288:bERImch6KWrAAQEqYWGSOHKSy1uRt7MwR:gRLNQjYWzOqBWMw

Score

N/A

Malware Config

Signatures

Files

ff24d4c7846e7c4dda7c95490e659b7bb6207d33d033ac05fa4b5aa200153966
.exe windows x86

464c077caa3fc0054f7447a006c5af1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

WriteConsoleW
SetStdHandle
HeapReAlloc
LoadLibraryW
GetStringTypeW
LCMapStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
FlushFileBuffers
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetModuleHandleA
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
CloseHandle
GetProcessHeap
GetLastError
HeapAlloc
HeapCreate
HeapFree
lstrlenA
MultiByteToWideChar
FormatMessageA
GetProcAddress
FreeLibrary
GetCurrentThread
HeapSize
GetCurrentProcess
GetStdHandle
CreateFileW
WriteFile
ExitProcess
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent
GetTickCount
LoadLibraryA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
RtlUnwind
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
EncodePointer
DecodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
TerminateProcess

user32

GetSubMenu
BeginDeferWindowPos
GetDlgItem
CharUpperA
DefWindowProcA
KillTimer
GetDialogBaseUnits
GetWindowRect
MonitorFromRect
SetWindowTextA
SetMenu
IsWindow
CreateWindowExA
SendMessageA
GetMessageA
OffsetRect
FindWindowExA
DeferWindowPos
EndDeferWindowPos
GetMenu
GetWindowLongA
LoadStringA
MessageBoxA
GetSystemMetrics
DrawFrameControl
CopyRect
DrawTextA
SetTimer
FindWindowA
GetWindowThreadProcessId
FindWindowExW
GetWindowTextW
IsWindowEnabled

gdi32

CreateCompatibleDC
DeleteDC
GetObjectA
CreateBitmapIndirect
SelectObject
StretchBlt
DeleteObject
CreateCompatibleBitmap
CreateICA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
CryptExportKey

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoInitialize
CreateILockBytesOnHGlobal

oleaut32

OleSavePictureFile
OleLoadPicture
VariantInit

shlwapi

StrStrIA

activeds

ord3

snmpapi

SnmpUtilMemAlloc

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

464c077caa3fc0054f7447a006c5af1e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

shlwapi

activeds

snmpapi

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 351KB - Virtual size: 351KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 351KB - Virtual size: 351KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 7KB - Virtual size: 6KB