ad2db44c66b5a514dbd6507d37d14666437794f26d80e7b56496eb85e50b1743

Sharing

Copy URL

Twitter E-mail

General

Target

ad2db44c66b5a514dbd6507d37d14666437794f26d80e7b56496eb85e50b1743
Size

142KB
MD5

0bf1bcbe48b517b79c71232b987eed56
SHA1

466f91dfdf88f48cf2b305659d2a8f7210a25d96
SHA256

ad2db44c66b5a514dbd6507d37d14666437794f26d80e7b56496eb85e50b1743
SHA512

82fb8b8e913765d7ab8e1768f59cc8b6fbbda02b3900f0c10e2eb351a2efa6618a6aac45d14c2cee5a971384511c17e75d1919908b57ff3fa614e4c824ce305f
SSDEEP

3072:LehlJa7H1orX0GliLNyVOJsD5tVXAJOQE6O7:S9X0Glifcbx

Score

N/A

Malware Config

Signatures

Files

ad2db44c66b5a514dbd6507d37d14666437794f26d80e7b56496eb85e50b1743
.exe windows x86

892b09da5e372a429e175f77427c15d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawEdge
GetDC

shell32

ShellExecuteA

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
AdjustTokenPrivileges

gdi32

CreateDIBSection
CreateFontIndirectA
SetBkMode
CreatePatternBrush
SetTextColor
CreatePen
CreateBrushIndirect
SelectObject
BitBlt

opengl32

glRasterPos3dv
wglUseFontBitmapsA
glLoadMatrixf
glRectiv
glRasterPos4s
glTexCoord4f
glRasterPos4f
glLightiv

comctl32

ImageList_GetIcon

winmm

PlaySoundA

kernel32

HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
SetFilePointerEx
MultiByteToWideChar
LCMapStringA
AssignProcessToJobObject
InitAtomTable
GlobalUnfix
LocalShrink
ResetEvent
SetLastError
DefineDosDeviceW
GetTapeParameters
GetComputerNameExW
RtlCaptureStackBackTrace
GetDevicePowerState
TransmitCommChar
GetProcessId
GetEnvironmentStrings
GetExitCodeProcess
LockFile
GetLastError
SetStdHandle
GetModuleFileNameA
GetNumaNodeProcessorMask
ConvertThreadToFiber
PostQueuedCompletionStatus
TlsGetValue
GetCommTimeouts
GetProcessIoCounters
CancelWaitableTimer
ReleaseSemaphore
CreateNamedPipeW
EncodePointer
QueryMemoryResourceNotification
GlobalUnlock
SetHandleInformation
GetCommandLineA
CloseHandle
GetThreadPriorityBoost
ClearCommError
SetProcessPriorityBoost
SetProcessWorkingSetSize
GetProcessHeap
LocalCompact
GetCommandLineW
GlobalWire
GetCurrentThread
GetCurrentProcess
SetMessageWaitingIndicator
EncodeSystemPointer
FlushFileBuffers
RequestWakeupLatency
UnlockFileEx
LocalUnlock
SetProcessShutdownParameters
GetNamedPipeHandleStateW
DisconnectNamedPipe
CreateFiberEx
DecodeSystemPointer
SetPriorityClass
ReleaseMutex
PulseEvent
WTSGetActiveConsoleSessionId
GetFileTime
RequestDeviceWakeup
CreateFileMappingW
GlobalDeleteAtom
IsWow64Process
CreateIoCompletionPort
FlushInstructionCache
PeekNamedPipe
GetProcessVersion
GetCurrentProcessId
GetProcessAffinityMask
ResetWriteWatch
GetNamedPipeHandleStateA
ClearCommBreak
RemoveVectoredExceptionHandler
FindVolumeClose
ConvertFiberToThread
FreeResource
SetMailslotInfo
CreateTapePartition
GetFileSize
UnlockFile
GetFileAttributesExW
GetProcessTimes
CreateFiber
OpenProcess
GetCurrentThreadId
SetCommMask
ReplaceFileW
DisableThreadLibraryCalls
SetCommBreak
SetFileApisToOEM
GetThreadTimes
CreateMemoryResourceNotification
SetHandleCount
GlobalUnWire
GetHandleInformation
CheckRemoteDebuggerPresent
GlobalCompact
VirtualAlloc
GetTapeStatus
GetCommModemStatus
GetLogicalDrives
SetInformationJobObject
IsSystemResumeAutomatic
GetStdHandle
MapUserPhysicalPagesScatter
MapUserPhysicalPages
UpdateResourceW
MulDiv
GetProcessPriorityBoost
GetModuleFileNameW
IsProcessInJob
GetNamedPipeInfo
SetSystemTimeAdjustment
GetWriteWatch
FindNextChangeNotification
GetFileInformationByHandle
GetMailslotInfo
QueryInformationJobObject
GetCommMask
ReplaceFileA
GetProcessWorkingSetSize
GetExitCodeThread
PrepareTape
GetProcessHandleCount
FindFirstFileExW
GetThreadContext
GetSystemTime
HeapFree
GetTimeZoneInformation
lstrcmpA
lstrcatA
GetVersion
_lread
ExitThread
_lwrite
GlobalAlloc
CreateEventA
Sleep
WaitForSingleObject
GetTimeFormatA
OpenMutexA
GetVersionExA
GlobalFree
SetTimerQueueTimer
GlobalHandle
WaitForMultipleObjectsEx
FindFirstFileA
RemoveDirectoryA
CreateSemaphoreA
GetCalendarInfoW
GetStartupInfoA
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
WriteFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetFileType
DeleteCriticalSection
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapReAlloc
RtlUnwind

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 37.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

892b09da5e372a429e175f77427c15d8

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

advapi32

gdi32

opengl32

comctl32

winmm

kernel32

Sections

.text Size: 97KB - Virtual size: 97KB

.data Size: 7KB - Virtual size: 37.3MB

.rsrc Size: 37KB - Virtual size: 36KB

.text
Size: 97KB - Virtual size: 97KB

.data
Size: 7KB - Virtual size: 37.3MB

.rsrc
Size: 37KB - Virtual size: 36KB