196dc109a644232e5ff29b6974218100d7d894971f7df08187b3e172c988934f

Sharing

Copy URL

Twitter E-mail

General

Target

196dc109a644232e5ff29b6974218100d7d894971f7df08187b3e172c988934f
Size

333KB
MD5

f96912972380e49d68b8fdd318252ae8
SHA1

d5847ec6af8c6f47180d14d8cea838abed9749fa
SHA256

196dc109a644232e5ff29b6974218100d7d894971f7df08187b3e172c988934f
SHA512

63713aa580b064e5552dcf3e76f3d2d7bdfb57686dabc3678b52d68c129039e264833227d4ae9bc50cc54296da4b03afa77d3ce854c18f2708a2130f9fc20606
SSDEEP

6144:ajXE2vQW9+s+wgAYMB41hfR3etVAVel31+OLec1XeaNgdOLxAh:GXEJ2+wjYMBC1AVA4ZbO6xAh

Score

N/A

Malware Config

Signatures

Files

196dc109a644232e5ff29b6974218100d7d894971f7df08187b3e172c988934f
.exe windows x86

000491a1d1b902300cad928832fe2091

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStringTypeW
LCMapStringW
HeapQueryInformation
HeapSize
HeapReAlloc
MultiByteToWideChar
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetFileType
SetHandleCount
ReadFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointer
SetStdHandle
CreateFileW
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetLastError
GetProcessHeaps
GetProcessHeap
HeapAlloc
HeapFree
_lcreat
_lwrite
_lclose
HeapCreate
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
lstrcpyW
GetPrivateProfileSectionW
GetPrivateProfileIntW
CreateFileA
DeviceIoControl
CloseHandle
CreateProcessA
WaitForSingleObject
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LoadLibraryW
FreeLibrary
IsValidCodePage
_lopen
GetModuleHandleA
VirtualQuery
GetCPInfo
GetOEMCP
GetACP
GetStdHandle
WriteFile
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalFree
RaiseException
RtlUnwind
DecodePointer
GetProcAddress
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
InitializeCriticalSectionAndSpinCount
HeapValidate
IsBadReadPtr
IsProcessorFeaturePresent
TerminateProcess

user32

GetMessageA
DispatchMessageA
RegisterClassExA
wsprintfA
EnumWindowStationsW
GetClientRect
GetDialogBaseUnits
SetMenuItemInfoW
CreateWindowExA
UpdateWindow
SendMessageA
FillRect
GetIconInfo
GetDC
ReleaseDC
GetDlgItem
GetDesktopWindow
GetMenuCheckMarkDimensions
IsWindow
SetScrollInfo
SetScrollPos
WindowFromPoint
GetDlgCtrlID
GetWindowContextHelpId
MessageBoxA
GetWindowRect
ScreenToClient
SetRect
DestroyWindow

gdi32

CreateMetaFileA
SetMapMode
SetWindowExtEx
SetWindowOrgEx
CreateICA
CreateCompatibleDC
DeleteDC
GetObjectA
SelectObject
StretchBlt
DeleteObject
CreateDCA
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
GetDIBits
SelectPalette
CreateBitmap
PatBlt
StartPage
EndPage
EndDoc
ExcludeClipRect
CreateSolidBrush
SelectClipRgn
TextOutA
GetStockObject
CreateFontIndirectA
SetTextAlign
StartDocA
SetViewportOrgEx
CreateBitmapIndirect

comdlg32

GetOpenFileNameA
PrintDlgA

advapi32

RegCloseKey
AreAnyAccessesGranted
AdjustTokenPrivileges

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantClear

psapi

GetPerformanceInfo

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

shlwapi

StrToIntExA
AssocCreate
PathFindExtensionW

comctl32

ord6
ord17

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

Exports

Exports

In

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

000491a1d1b902300cad928832fe2091

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

psapi

userenv

shlwapi

comctl32

setupapi

Exports

Exports

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 135KB - Virtual size: 134KB

.data Size: 10KB - Virtual size: 17KB

.text1 Size: 11KB - Virtual size: 10KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 135KB - Virtual size: 134KB

.data
Size: 10KB - Virtual size: 17KB

.text1
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 14KB - Virtual size: 14KB