707784ff4ba0247de4bdaa5116d3f94674f6491e464752e671e8bbb22a6587fb

Sharing

Copy URL Twitter E-mail

General

Target

707784ff4ba0247de4bdaa5116d3f94674f6491e464752e671e8bbb22a6587fb
Size

144KB
MD5

72ba765c6700ff0fc2e24a8651b0d459
SHA1

4f301612e16481ca9278f656c0d3a4dc1a6fca24
SHA256

707784ff4ba0247de4bdaa5116d3f94674f6491e464752e671e8bbb22a6587fb
SHA512

17c35647856f186d44a32e92721a11c08bb9a950d97aadc6dd49753aebe226eadc8002e68d3799f2191d65385123d23f81a2ec43a2d3edaa371529ca41b83b5f
SSDEEP

1536:sTUMUiQIHKxxhP+MWgwdtl4I4mzdde2QYhCrTM9MJK75444IYWz9WCPBTOdO+DJ8:sdQhTvHM5aM9MJKoWz7Q7BE

Score

N/A

Malware Config

Signatures

Files

707784ff4ba0247de4bdaa5116d3f94674f6491e464752e671e8bbb22a6587fb
.exe windows x86

faa6445bbf7d459182da3be1db23c2cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc

ole32

CoTaskMemFree
CoCreateInstance
StgOpenStorage
CoInitialize
GetRunningObjectTable
StgIsStorageFile
StringFromCLSID
CoCreateGuid
CreateItemMoniker
CoUninitialize

gdi32

CreateDIBitmap
RealizePalette
GetDeviceCaps
CreatePalette
GetSystemPaletteEntries
GetStockObject
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateSolidBrush
CreateFontIndirectA
GetObjectA
SetTextColor
SetBkMode
GetTextExtentPointA
SelectPalette
TranslateCharsetInfo

kernel32

InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetUnhandledExceptionFilter
LocalHandle
OpenMutexA
GetVolumeNameForVolumeMountPointW
ContinueDebugEvent
CommConfigDialogW
LCMapStringA
RemoveDirectoryW
CloseHandle
CreateFileA
ExitProcess
GetFileType
GetSystemTime
GetFileSize
GetStdHandle
RaiseException
ReadFile
RtlUnwind
SetEndOfFile
SetFilePointer
WriteFile
GetCommandLineA
GetLastError
GetModuleHandleA
MultiByteToWideChar
TlsGetValue
TlsSetValue
WideCharToMultiByte
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsBadCodePtr
LCMapStringW
GetStringTypeW
GetStringTypeA
IsBadReadPtr
FindClose
VirtualQuery
VirtualProtect
FindFirstFileA
SearchPathA
lstrcpynA
SetEvent
ResetEvent
QueryPerformanceCounter
SystemTimeToFileTime
HeapFree
HeapAlloc
SetStdHandle
TerminateProcess
GetStartupInfoA
GetVersion
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsAlloc
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
GetCPInfo
GetACP
GetEnvironmentStringsW
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
SizeofResource
LoadResource
MoveFileA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetTempFileNameA
GetWindowsDirectoryA
SetErrorMode
GetTempPathA
GetPrivateProfileIntA
ExpandEnvironmentStringsA
lstrcmpiA
GetTickCount
GetExitCodeThread
CreateThread
CopyFileA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenA
GetPrivateProfileStringA
lstrcpyA
GetLocaleInfoA
GetCurrentThread
GetCurrentProcess
GetExitCodeProcess
RemoveDirectoryA
GetFileAttributesA
CreateDirectoryA
GetDriveTypeA
OpenFile
_lclose
GetDiskFreeSpaceA
FormatMessageA
FlushFileBuffers
IsValidCodePage
GetSystemInfo
WaitForSingleObject
lstrlenW
DeleteFileA
SetCurrentDirectoryA
SetLastError
GlobalHandle
GetSystemDefaultLCID
lstrcmpA
GetModuleFileNameA
CreateProcessA
FindResourceA
FreeLibrary
SetFileAttributesA
LockResource
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
LoadLibraryA
GetProcAddress
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CompareStringA
Sleep
GetVersionExA
CompareStringW
CreateEventA
lstrcatA
QueryPerformanceFrequency
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
TlsFree
IsDebuggerPresent
GetCurrentProcessId

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 129.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

faa6445bbf7d459182da3be1db23c2cc

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

gdi32

kernel32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 5KB - Virtual size: 129.0MB

.rsrc Size: 58KB - Virtual size: 58KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 5KB - Virtual size: 129.0MB

.rsrc
Size: 58KB - Virtual size: 58KB