8f8649487e90e64ff9c7e6e804180894b9a372f63a6c011a0d3644f6fbb78248

Sharing

Copy URL Twitter E-mail

General

Target

8f8649487e90e64ff9c7e6e804180894b9a372f63a6c011a0d3644f6fbb78248
Size

823KB
MD5

883b7d765fa5dae1ac10e671f00d8b87
SHA1

c44b00c025bc942d0aee1bb7d72589d93ac279f4
SHA256

8f8649487e90e64ff9c7e6e804180894b9a372f63a6c011a0d3644f6fbb78248
SHA512

5f0304e394d6f37f24f44a1aa43a9da968c4ca9d726be10380044c06969794057c86dab3cdf8a1cfec3dd2a8c2655945913e78d5da4e658f775c617afc4653be
SSDEEP

12288:LI/M2AsZQSUQsZAQ+txovBEyna+hBfUjGorZHch4hgxa:LIU2tO7Q4Samyna+3EGcZG4hx

Score

N/A

Malware Config

Signatures

Files

8f8649487e90e64ff9c7e6e804180894b9a372f63a6c011a0d3644f6fbb78248
.exe windows x86

61dc916334668c7fcc9252998401a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetModuleFileNameA
HeapDestroy
LoadLibraryW
GetCurrentProcessId
GetProcessHeap
SetLastError
InterlockedDecrement
FreeLibrary
LoadLibraryW
CreateThread
InterlockedExchange
LocalFree
MultiByteToWideChar
GetCurrentProcess
LoadLibraryA
VirtualProtect
lstrcmpiW
lstrlenA
VirtualAlloc
ReadFile
GetVersionExA
LocalAlloc
GetModuleFileNameW
VirtualProtect
CreateFileW
lstrcmpiW
GetModuleFileNameA
HeapAlloc
QueryPerformanceCounter
VirtualProtect
GetLastError
GetModuleFileNameA
MultiByteToWideChar
LocalAlloc
FreeLibrary
UnhandledExceptionFilter
GetModuleHandleW
LocalAlloc
GetLastError
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
LoadLibraryA
HeapAlloc
GetCurrentProcess
lstrcmpiW
GetModuleHandleA
LocalAlloc
DeleteCriticalSection
HeapFree
InterlockedExchange
GetTickCount
EnterCriticalSection
VirtualAlloc
LoadLibraryW
EnterCriticalSection
LocalAlloc
HeapDestroy
GetTickCount
GetCurrentThreadId
LeaveCriticalSection
lstrlenA
GetProcAddress
VirtualProtect
DisableThreadLibraryCalls
GetCurrentThreadId
LoadLibraryW
InterlockedDecrement
GetCurrentProcessId
CreateThread
LeaveCriticalSection
GetModuleFileNameW
lstrlenA
EnterCriticalSection
LoadLibraryW
GetProcAddress
HeapDestroy
LoadLibraryW
CreateFileW
SetLastError
VirtualProtect
FreeLibrary
LocalFree
GetCurrentProcessId
InitializeCriticalSection
InterlockedExchange
CreateFileW
CreateThread
GetCurrentThreadId
InterlockedDecrement
LocalFree
HeapAlloc
InterlockedExchange
CloseHandle
GetSystemTimeAsFileTime
GetModuleHandleA
HeapAlloc
DisableThreadLibraryCalls
GetModuleHandleA
GetModuleHandleA
VirtualAlloc

user32

SendMessageW
SetDlgItemTextW
EnableWindow
IsWindow
BeginPaint
SetCursor
GetWindowLongW
GetParent
MessageBoxW
GetParent
IsDlgButtonChecked
GetDesktopWindow
GetClientRect
ReleaseDC
GetDesktopWindow
DialogBoxParamW
CreateWindowExW
SetTimer
CreateWindowExW
ShowWindow
BeginPaint
SetForegroundWindow
wsprintfA
ShowWindow
SetWindowPos
SetCursor
IsDlgButtonChecked
GetFocus
LoadCursorW
MessageBoxW
SetFocus
CharNextW
GetDlgItem
GetSystemMetrics
GetSystemMetrics
SetTimer
DialogBoxParamW
BeginPaint
GetParent
wsprintfA
SetWindowPos
ShowWindow
LoadCursorW
GetDlgItem
SetTimer
SetForegroundWindow
DestroyWindow
GetWindowLongW
DialogBoxParamW
PeekMessageW
GetSysColor
GetWindowRect
LoadStringW
IsWindow
SetDlgItemTextW
LoadIconW
IsDlgButtonChecked
SendDlgItemMessageW
KillTimer
wsprintfA
DialogBoxParamW
DispatchMessageW
wsprintfA
SetCursor
PostQuitMessage
DispatchMessageW
DispatchMessageW
GetDC
IsDlgButtonChecked
PostQuitMessage
GetDlgItem
CharNextW
GetParent
EndDialog
SetWindowTextW
DialogBoxParamW
GetFocus
wsprintfA
SendDlgItemMessageW
CreateWindowExW
wsprintfA
MessageBoxW
BeginPaint
KillTimer
EndDialog
GetClientRect
DestroyWindow
InvalidateRect
SendMessageW
EndDialog
DispatchMessageW
IsDlgButtonChecked
LoadIconW
SetTimer
InvalidateRect
LoadIconW
KillTimer
SetFocus
GetSystemMetrics
CharNextW
GetWindowRect
SetWindowTextW

Sections

.text
Size: 734KB - Virtual size: 992KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61dc916334668c7fcc9252998401a744

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 734KB - Virtual size: 992KB

.data Size: - Virtual size: 4KB

.rdata Size: 5KB - Virtual size: 8KB

.rsrc Size: 82KB - Virtual size: 84KB

.text
Size: 734KB - Virtual size: 992KB

.data
Size: - Virtual size: 4KB

.rdata
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 82KB - Virtual size: 84KB