664d77947ae750beae1c3ec288f6ef66e7f07e8e199073ee6926a38aa258eb24

Sharing

Copy URL Twitter E-mail

General

Target

664d77947ae750beae1c3ec288f6ef66e7f07e8e199073ee6926a38aa258eb24
Size

191KB
MD5

62aedb88b38d48aa07608d8144533ae8
SHA1

dc48b6312174dfedda7f3ae60416efccf9f55802
SHA256

664d77947ae750beae1c3ec288f6ef66e7f07e8e199073ee6926a38aa258eb24
SHA512

8120d9f1d9d24e7805e77d55ad18c10169f297f92701483ecddc4f13400faae9f1571e0cca5c9b8e46efe774491d739b5930a2eb7bbba28661da8d5464aa64ea
SSDEEP

3072:gl01b7yt4ZAtHaKKN8xRFmSAnCAg0FuwNYX0JGwSwEEU2khrj:yAY4/KKFSAnCAOeslrj

Score

N/A

Malware Config

Signatures

Files

664d77947ae750beae1c3ec288f6ef66e7f07e8e199073ee6926a38aa258eb24
.exe windows x86

be0ffe2f65e79e2f30207e8cb0d3ab8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
WindowFromPoint
WaitMessage
ValidateRect
UpdateWindow
UnregisterClassA
UnionRect
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
TabbedTextOutA
CreateIconFromResourceEx
CreateIcon
CreateDialogIndirectParamA
CreateCaret
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
ChangeClipboardChain
CallWindowProcA
CallNextHookEx
BringWindowToTop
BeginPaint
CharLowerBuffA
CharLowerA
CharUpperBuffA
CharToOemA
AdjustWindowRectEx
ActivateKeyboardLayout
GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA

shell32

ShellExecuteA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

kernel32

SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
ReadFile
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapSize
GetLocaleInfoW
RaiseException
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapReAlloc
HeapAlloc
LCMapStringW
LCMapStringA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
CreateFileA
GetProcAddress
VirtualAlloc
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
GetCommandLineA
GetStartupInfoA
GetCPInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
Sleep
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetModuleHandleA
RtlUnwind
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be0ffe2f65e79e2f30207e8cb0d3ab8a

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

advapi32

kernel32

Sections

.text Size: 115KB - Virtual size: 115KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 8KB - Virtual size: 29.9MB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 115KB - Virtual size: 115KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 8KB - Virtual size: 29.9MB

.rsrc
Size: 28KB - Virtual size: 28KB