ad6b58b27b8948845ccfa69bcfcc1b10d6aa7a27a371ee3e61453925288c6a46

Sharing

Copy URL Twitter E-mail

General

Target

ad6b58b27b8948845ccfa69bcfcc1b10d6aa7a27a371ee3e61453925288c6a46
Size

1.2MB
MD5

c39b033a55856e331ecab5d5e384c611
SHA1

20594ab98a85d1ae02dc1fe29fa257b5f64f0d1f
SHA256

ad6b58b27b8948845ccfa69bcfcc1b10d6aa7a27a371ee3e61453925288c6a46
SHA512

6865a79cb79ff3ede399a3b4f7b91bb8952e85b02d7e7a2f02ad588f15f241f6a0e23fe6fcb387e93499ae7568fbff3e8caf25321aa94e1a6d1ed0265560646d
SSDEEP

24576:AiY3d94bfij9H4IkZaOy70oYK6luJkJK0FZ+3i8V7tViWw/CsMmh:Av3d90fY9xGydgYpLsh

Score

N/A

Malware Config

Signatures

Files

ad6b58b27b8948845ccfa69bcfcc1b10d6aa7a27a371ee3e61453925288c6a46
.exe windows x86

fc905bafc8b6d4e1b0f3afa965e63158

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
HeapReAlloc
IsBadWritePtr
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
VirtualProtect
GetSystemInfo
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalMemoryStatus
Sleep
CreateEventA
GetDiskFreeSpaceA
CloseHandle
CreateFileA
GetFileAttributesA
EnterCriticalSection
FindFirstFileA
InitializeCriticalSection
FindNextFileA
CreateProcessA
GetDriveTypeA
GetLogicalDriveStringsA
SetEvent
ResetEvent
WaitForMultipleObjects
GetUserDefaultLangID
GetLocalTime
lstrcpynA
SetUnhandledExceptionFilter
IsBadReadPtr
FormatMessageA
CompareFileTime
FindResourceA
LoadResource
SizeofResource
LockResource
WaitForSingleObject
DeleteFileA
MulDiv
FileTimeToSystemTime
FileTimeToLocalFileTime
SetConsoleCtrlHandler
ExitThread
CreateThread
SetStdHandle
FlushFileBuffers
SetEndOfFile
SetFilePointer
LeaveCriticalSection
HeapFree
VirtualFree
HeapCreate
CreateDirectoryA
GetFileSize
FreeLibrary
IsDBCSLeadByte
SetFileAttributesA
GetComputerNameA
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
FindClose
LoadLibraryA
HeapDestroy
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
SetLastError
TlsAlloc
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
GetModuleHandleA
WriteFile
GetCurrentProcess
TerminateProcess
GetProcAddress
ExitProcess
GetVersionExA
GetCommandLineA
GetStartupInfoA
ReadFile
RaiseException

user32

EnableWindow
GetDlgItem
GetWindowLongA
GetClientRect
SendDlgItemMessageA
SetActiveWindow
SetWindowTextA
GetSysColor
InvalidateRect
SetWindowLongA
OffsetRect
GetFocus
DrawTextA
ScreenToClient
MessageBoxA
EndPaint
GetMessageA
SetCapture
GetKeyState
BeginPaint
TranslateMessage
SetCursorPos
PeekMessageA
TranslateAcceleratorA
DefWindowProcA
GetCursorPos
SetTimer
ReleaseCapture
DestroyAcceleratorTable
CopyAcceleratorTableA
CreateAcceleratorTableA
GetClassNameA
GetForegroundWindow
GetWindow
GetWindowRect
GetDC
ShowCursor
ReleaseDC
EndDialog
SetWindowPos
DialogBoxParamA
SetDlgItemTextA
WaitForInputIdle
GetDesktopWindow
GetParent
EnumWindows
PostMessageA
GetWindowThreadProcessId
SetCursor
RegisterClassExA
GetTopWindow
LoadCursorA
FindWindowA
UpdateWindow
LoadImageA
KillTimer
SendMessageA
GetActiveWindow
SetRect
DispatchMessageA
GetSystemMetrics
IsIconic
LoadStringA
LoadAcceleratorsA
ClientToScreen
ClipCursor
ShowWindow
CreateWindowExA
SetFocus
LoadIconA
SetForegroundWindow
GetLastActivePopup
PtInRect

gdi32

SetTextColor
GetTextExtentPoint32A
CreateFontA
DeleteDC
SetBkColor
SetTextAlign
MoveToEx
CreateFontIndirectA
SelectObject
GetPaletteEntries
CreateCompatibleDC
GetTextExtentExPointA
GetTextMetricsA
GetObjectA
ExtTextOutA
GetDeviceCaps
TextOutA
Rectangle
CreateCompatibleBitmap
SetBkMode
GetBitmapBits
DeleteObject
GetStockObject

advapi32

GetUserNameA
RegDeleteValueA
RegOpenKeyExA
FreeSid
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeAcl
AddAccessDeniedAce
GetTokenInformation
OpenProcessToken

imm32

ImmGetContext
ImmReleaseContext
ImmGetCompositionStringA
ImmAssociateContext
ImmSetCompositionStringA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shell32

FindExecutableA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA

storm

ord508
ord114
ord313
ord457
ord458
ord454
ord463
ord123
ord133
ord101
ord102
ord138
ord118
ord117
ord120
ord276
ord274
ord267
ord265
ord269
ord325
ord323
ord145
ord342
ord442
ord253
ord465
ord494
ord109
ord113
ord130
ord119
ord139
ord144
ord107
ord106
ord281
ord280
ord321
ord260
ord453
ord255
ord451
ord257
ord256
ord258
ord127
ord121
ord462
ord122
ord128
ord105
ord146
ord143
ord116
ord502
ord425
ord222
ord208
ord224
ord346
ord357
ord125
ord421
ord424
ord264
ord275
ord261
ord137
ord115
ord426
ord134
ord141
ord628
ord606
ord638
ord510
ord492
ord495
ord609
ord624
ord428
ord279
ord112
ord389
ord206
ord211
ord385
ord390
ord383
ord216
ord314
ord386
ord393
ord221
ord431
ord434
ord445
ord266
ord422
ord142
ord506
ord571
ord509
ord501
ord572
ord578
ord503
ord423
ord403
ord401
ord272
ord268
ord103
ord252
ord468
ord437
ord351
ord440
ord354
ord438
ord436
ord443
ord356
ord350
ord432
ord523
ord529
ord524
ord525
ord331
ord334
ord332
ord452
ord491

Sections

.text
Size: 1012KB - Virtual size: 1011KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc905bafc8b6d4e1b0f3afa965e63158

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

imm32

version

shell32

storm

Sections

.text Size: 1012KB - Virtual size: 1011KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 64KB - Virtual size: 1.8MB

.rsrc Size: 56KB - Virtual size: 55KB

.text
Size: 1012KB - Virtual size: 1011KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 64KB - Virtual size: 1.8MB

.rsrc
Size: 56KB - Virtual size: 55KB