4132b71a08101e92401fc36ab0f81557d08ea6791f3c485d25f17ab8238cab12

Sharing

Copy URL Twitter E-mail

General

Target

4132b71a08101e92401fc36ab0f81557d08ea6791f3c485d25f17ab8238cab12
Size

507KB
MD5

5d68ea9fc4d608d46c45ca0bbda9d159
SHA1

ce1a37c4e86caa5e6b0e74f9250f2b850daaae16
SHA256

4132b71a08101e92401fc36ab0f81557d08ea6791f3c485d25f17ab8238cab12
SHA512

2a5b45d65981e98a914a81c7e39eae207e02a835496ee72d82f186194bdf27563b7c95fb44b2587f2fa1dc0568fb0270096f3452a9bb1e5e49b0fb936bb6211c
SSDEEP

12288:IGOpNHf6MhaCfv2mVdWXuN0iCe+rIOhpkIv7aO3:InNHHsCfeYWeNdU8eao

Score

N/A

Malware Config

Signatures

Files

4132b71a08101e92401fc36ab0f81557d08ea6791f3c485d25f17ab8238cab12
.exe windows x86

175e27473248ce294da3863c28e8e413

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_APPCONTAINER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetConsoleMode
GetConsoleCP
FlushFileBuffers
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
RtlUnwind
GetStringTypeW
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetModuleHandleW
GetProcAddress
TlsFree
GetCurrentThreadId
DecodePointer
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
LCMapStringW
IsBadReadPtr
HeapValidate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
RaiseException
SetStdHandle
LocalFree
ExitProcess
GetCurrentProcessId
CloseHandle
CreateToolhelp32Snapshot
GetModuleHandleA
LocalAlloc
Process32Next
GetLastError
HeapCreate
WideCharToMultiByte
WriteFile
FormatMessageA
GetProcessHeap
GetCommandLineA
Process32First
HeapAlloc
CreateFileA
GetModuleFileNameW
CreateFileW

user32

GetWindow
EndPaint
DestroyWindow
GetWindowRect
InsertMenuItemA
PostQuitMessage
GetTopWindow
DrawTextW
DrawTextA
GetSubMenu
GetParent
LoadMenuA
LoadIconA
wsprintfA
GetClientRect
GetWindowTextLengthA
SendMessageA
BeginPaint
GetDC
GetWindowTextA
SetRect
MessageBoxA
InvalidateRect
GetWindowLongA
ReleaseDC
GetDlgItem
DefWindowProcA
GetSysColor
LoadAcceleratorsA
ShowWindow
IsDlgButtonChecked
CheckRadioButton
MessageBoxW
LoadImageA
UpdateWindow
EnableWindow
DestroyMenu
LoadCursorA
DestroyIcon
SetDlgItemTextA
GetWindowThreadProcessId
RegisterClassA

gdi32

SetTextColor
DeleteDC
CreateFontA
CreateFontIndirectA
DeleteObject
SelectObject
CreateFontW
GetStockObject
CreateSolidBrush
EnumFontsA
CreatePen

ole32

CoTaskMemAlloc
CoTaskMemFree

crypt32

CertGetNameStringA

comctl32

ImageList_ReplaceIcon

Sections

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

175e27473248ce294da3863c28e8e413

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

crypt32

comctl32

Sections

.text Size: 220KB - Virtual size: 220KB

.rdata Size: 250KB - Virtual size: 250KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 220KB - Virtual size: 220KB

.rdata
Size: 250KB - Virtual size: 250KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 31KB - Virtual size: 30KB