7f23ded191f90f2fc9836ef379ef3f17ece7e01dcb445ed68207efc2ebed32c2

Sharing

Copy URL

Twitter E-mail

General

Target

7f23ded191f90f2fc9836ef379ef3f17ece7e01dcb445ed68207efc2ebed32c2
Size

868KB
MD5

3130432d4c091ff9f526a2a0d784e490
SHA1

6c1d2bb86989f76380c84ab95e0123dfe7fe06e6
SHA256

7f23ded191f90f2fc9836ef379ef3f17ece7e01dcb445ed68207efc2ebed32c2
SHA512

a1526e598416f109ebd1a6f66f9db1e57d166ab71e9d121cef0ba83276450f6bfb92d86a5117bae1a20f5a70f6919645bd451c9a882fdcbfd7ca48c6ce5328f5
SSDEEP

12288:J3mEAjBvqIt7YYn/1I7NzLKP8tyTsrCD7nCZ+baPqTzPW2MB6g:dmdjkcI7NSP8Esa7nCZZyTz8

Score

N/A

Malware Config

Signatures

Files

7f23ded191f90f2fc9836ef379ef3f17ece7e01dcb445ed68207efc2ebed32c2
.exe windows x86

59f8fe2e0bff0b6e786a7ad8f9889914

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetProcessHeap
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoA
ReleaseMutex
LCMapStringA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleCP
SetStdHandle
GetCurrentDirectoryA
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
MultiByteToWideChar
FormatMessageA
LocalFree
CreateEventA
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
FindFirstFileA
FileTimeToLocalFileTime
FindClose
WaitForSingleObject
GetComputerNameA
RemoveDirectoryA
SetEvent
OpenEventA
LCMapStringW
CreateMutexA
UnmapViewOfFile
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
GetTickCount
GetModuleFileNameA
GetVersionExA
GetCurrentProcess
MoveFileA
CopyFileA
WinExec
GetSystemTime
GetWindowsDirectoryA
DeleteFileA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateProcessA
GetExitCodeProcess
Sleep
CreateNamedPipeA
ConnectNamedPipe
DisconnectNamedPipe
FlushFileBuffers
CreateFileA
ReadFile
WriteFile
GetLastError
CloseHandle
SetFilePointer
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
RtlUnwind
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetModuleHandleA
RaiseException
GetStdHandle
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
HeapSize
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetFileAttributesA
GetDateFormatA
GetTimeFormatA
HeapReAlloc
CreateDirectoryA
FindNextFileA
GetFileAttributesA
CreateThread
ResumeThread
ExitThread
GetConsoleMode
SystemTimeToFileTime
GetDriveTypeA
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleW
HeapAlloc
HeapFree

user32

MessageBoxA
GetWindow
GetDlgCtrlID
ExitWindowsEx
IsWindow
DrawTextA
SetWindowTextA
GetDC
EnableWindow
SetWindowLongA
SetTimer
KillTimer
GetWindowRect
GetWindowLongA
GetSystemMetrics
GetParent
GetDesktopWindow
SetWindowPos
LoadBitmapA
LoadImageA
DialogBoxParamA
EndDialog
GetDlgItemTextA
ShowWindow
SetDlgItemTextA
SendMessageA
GetDlgItem
SetForegroundWindow

gdi32

CreateCompatibleDC
CreateBrushIndirect
Rectangle
SetBkMode
SetTextColor
CreateFontA
GetTextMetricsA
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
SetBkColor
BitBlt
RoundRect
GetObjectA
CreateSolidBrush
CreatePen
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject

advapi32

RegQueryValueExA
RegEnumValueA
StartServiceA
RegCreateKeyExA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
SetServiceStatus
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
RegOpenKeyA
RegEnumKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

rsussl

RSA_new
BN_dup
SSL_CTX_use_RSAPrivateKey
X509_get_pubkey
SSL_CTX_use_certificate
SSL_CIPHER_description
SSL_get_current_cipher
SSL_CIPHER_get_name
SSL_get_peer_certificate
i2d_X509
X509_free
SSL_write
SSL_shutdown
SSL_free
SSL_CTX_free
RSA_free
OPENSSL_add_all_algorithms_noconf
CRYPTO_set_mem_functions
ERR_load_crypto_strings
SSL_library_init
SSL_load_error_strings
SSLv23_client_method
SSL_CTX_new
SSL_CTX_set_cipher_list
d2i_X509
TLSv1_client_method
SSLv3_client_method
SSLv2_client_method
SSL_CTX_set_ssl_version
SSL_get_error
SSL_peek
SSL_read
SSL_state
SSL_connect
SSL_set_fd
SSL_set_ex_data
SSL_new
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_verify
X509_NAME_cmp
X509_get_subject_name
X509_get_issuer_name
sk_value
sk_num
SSL_get_ex_data
X509_STORE_CTX_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
UTF8_putc
MD5_Final
MD5_Update
MD5_Init
EVP_PKEY_free
RSA_get_default_method

wsock32

closesocket
sendto
htons
gethostbyname
ioctlsocket
select
setsockopt
getsockopt
__WSAFDIsSet
recv
send
WSAGetLastError
connect
WSAStartup
recvfrom
socket
inet_addr

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 415KB - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59f8fe2e0bff0b6e786a7ad8f9889914

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

rsussl

wsock32

Sections

.text Size: 312KB - Virtual size: 311KB

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 79KB - Virtual size: 90KB

.rsrc Size: 415KB - Virtual size: 415KB

.text
Size: 312KB - Virtual size: 311KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 79KB - Virtual size: 90KB

.rsrc
Size: 415KB - Virtual size: 415KB