87c4f827fbdc685ac6e2d64d7ee94680cf0c0759335ecbfd06d2f258d0ea9529

Sharing

Copy URL

Twitter E-mail

General

Target

87c4f827fbdc685ac6e2d64d7ee94680cf0c0759335ecbfd06d2f258d0ea9529
Size

322KB
MD5

46b68ad0419044c10ad0e6c926933b6f
SHA1

e83776f68613ab71115f3ed8b814a9c3777d2cfb
SHA256

87c4f827fbdc685ac6e2d64d7ee94680cf0c0759335ecbfd06d2f258d0ea9529
SHA512

aae6ca30fe64c17ec1483141b1d2e33c1d1e7e09184d97422c4c03f0de5c5e6bd292cc55b89af052d1615850a635bd0d5aba40b2bbd073f848fec02d243c27bc
SSDEEP

6144:Rok2/kvd+LEa4x3pmIf3HPPtbhlR478/1TN+U0Xs4yhwTM4:i8vPa4RpH/NJN+Ts5wTB

Score

N/A

Malware Config

Signatures

Files

87c4f827fbdc685ac6e2d64d7ee94680cf0c0759335ecbfd06d2f258d0ea9529
.exe windows x86

167c39f30a0971a33b8545f8e6fe8327

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

swprintf
_vsnprintf
_onexit
__dllonexit
_except_handler3
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_adjust_fdiv
_initterm
_wtol
wcsstr
_wtoi
strchr
_wcsnicmp
_ftol
memset
strcmp
memmove
wcscmp
__RTDynamicCast
_purecall
realloc
__CxxFrameHandler
malloc
??2@YAPAXI@Z
free
??3@YAXPAX@Z

ntdll

NtFlushBuffersFile
NtGetPlugPlayEvent
NtReleaseSemaphore
NtDeleteKey
NtQueryMultipleValueKey
NtQueryObject
NtOpenProcessToken
NtQuerySystemInformation

kernel32

lstrlenW
GetModuleHandleW
IsBadWritePtr
GetProcAddress
TlsFree
LoadLibraryW
GetStdHandle
IsBadReadPtr
LocalFree
FreeLibrary
lstrcpynW
GetACP
TryEnterCriticalSection
GetModuleHandleA
lstrcmpW
TlsSetValue
CreateFileA
IsBadStringPtrW
lstrcpyW
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
TlsAlloc
CloseHandle
ReadFile
GetSystemTimeAsFileTime
LoadLibraryA
GetWindowsDirectoryW
FindAtomA
GetUserDefaultLCID
SetEvent
GetSystemDefaultUILanguage
LCMapStringW
AreFileApisANSI
GetVersion
OpenEventA
GlobalFree
FindResourceExW
HeapDestroy
RegisterWaitForSingleObject
GetCurrentProcessId
PulseEvent
UnregisterWait
CreateEventW
OutputDebugStringA
FindResourceExA
lstrcatA
GetLocalTime
HeapAlloc
GetProcessHeap
CreateSemaphoreA
InterlockedExchange
SetLastError
FindResourceW
CreateMutexA
HeapFree
GetConsoleOutputCP
TlsGetValue
GetSystemDefaultLCID
UnregisterWaitEx
FindClose
WaitForSingleObject
WaitForMultipleObjects
CreateThread
QueueUserWorkItem
lstrlenA
CreateSemaphoreW
WideCharToMultiByte
GetEnvironmentStringsA
MultiByteToWideChar
GetCurrentProcess
GetComputerNameW
OpenEventW
GetLastError
InterlockedDecrement
VirtualAlloc
InterlockedIncrement
GetTempPathA
DeleteCriticalSection
GetUserDefaultUILanguage
GetCurrentDirectoryA
Sleep
GetCommandLineW
InitializeCriticalSection
FreeEnvironmentStringsA
InterlockedCompareExchange
GetOEMCP
GetCurrentThreadId
GlobalAlloc
GetThreadLocale
EnterCriticalSection
SleepEx
LeaveCriticalSection
IsSystemResumeAutomatic
OpenMutexA
GetLogicalDrives
HeapCreate
GetTempFileNameA
LocalAlloc
DisableThreadLibraryCalls

ole32

CoInitializeEx
CoUninitialize
IIDFromString
StringFromIID
CoCreateFreeThreadedMarshaler
CreateBindCtx
CLSIDFromString
StringFromCLSID
CoTaskMemFree
CoCreateInstance
StringFromGUID2

ws2_32

WSAIoctl
WSASocketW

advapi32

RegOpenKeyExW
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumValueA
GetUserNameW
RegQueryValueExW

user32

FindWindowA
CreateWindowExA
GetInputState
ReleaseDC
GetWindowLongW
GetCaretBlinkTime
GetMessageA
UnregisterClassW
DestroyWindow
DispatchMessageW
UnregisterClassA
GetSystemMetrics
TranslateMessage
GetDC
PostQuitMessage
PeekMessageW
GetClipboardViewer
GetSysColor
UnregisterDeviceNotification
UpdateWindow
GetDesktopWindow
GetCapture
MsgWaitForMultipleObjectsEx
RegisterDeviceNotificationW
GetForegroundWindow
GetActiveWindow
GetProcessDefaultLayout
CreateWindowExW
RegisterClassW
DefWindowProcW
LoadStringW
LoadIconA
DispatchMessageA
DefWindowProcA
wsprintfA
SetWindowLongW

winmm

mixerGetLineControlsA
mixerClose
mixerOpen
mixerGetControlDetailsA
timeGetTime

rtutils

TraceRegisterExW
TraceVprintfExA
TraceDeregisterW

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 200KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

167c39f30a0971a33b8545f8e6fe8327

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ntdll

kernel32

ole32

ws2_32

advapi32

user32

winmm

rtutils

Sections

.text Size: 59KB - Virtual size: 59KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 200KB - Virtual size: 228KB

.bss Size: - Virtual size: 48KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 200KB - Virtual size: 228KB

.bss
Size: - Virtual size: 48KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 3KB - Virtual size: 2KB