7db82f67051739e708841a1d226045f43eeda256eeeaea4178b8115a9af6aff2

Sharing

Copy URL Twitter E-mail

General

Target

7db82f67051739e708841a1d226045f43eeda256eeeaea4178b8115a9af6aff2
Size

329KB
MD5

015211798ad9ad0fea80d5bd58816830
SHA1

5ee08b63f7ec0c28cef9d05c59e4c216254c7fb3
SHA256

7db82f67051739e708841a1d226045f43eeda256eeeaea4178b8115a9af6aff2
SHA512

2298a5807242da7d2c8dd1373fda737050196a0dbf7079d511b81c1251a9dc0d6e9e086aea4477e734216ce9321aeb5c7d13de8647da38abbe72a4f274c82c50
SSDEEP

6144:dIX0+KCMnrbGjWS2WxmNPtFBiSWWO0sAnre1b0nq3PN:ik6jnTmx0SW4Woq/N

Score

N/A

Malware Config

Signatures

Files

7db82f67051739e708841a1d226045f43eeda256eeeaea4178b8115a9af6aff2
.exe windows x86

d1bcb9a1bf909d5b224c7287d1ff8682

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
_vsnwprintf
_CIsin
_CIcosh
_wtoi
_CIatan
_vsnprintf
_CIexp
clock
_CItanh
_CItan
_wtof
isalpha
malloc
__dllonexit
_unlock
modf
tolower
_CIpow
_CIsqrt
memset
_errno
isalnum
_CIacos
_CIfmod
setlocale
_fpclass
_strdup
qsort
wcsstr
_CIsinh
memcpy
isxdigit
_initterm
_isnan
_wcsicmp
calloc
_resetstkoflw
_onexit
_controlfp
_purecall
strchr
atoi
realloc
_CIatan2
_CIlog
_CIasin
memmove
_copysign
_amsg_exit
_lock
isspace
_finite
isdigit
_CIcos
atof
wcstol
_adjust_fdiv
floor
ceil
_stricmp
_XcptFilter
toupper
wcschr
_clearfp

gdi32

BitBlt
CreateDIBSection
DrawEscape
DeleteObject
CreateICW
GetDIBits
RectInRegion
CreateDCW
GetDeviceCaps
GdiEntry13
CreatePalette
SetLayout
SelectObject
CreateCompatibleBitmap
GetRegionData
CombineRgn
OffsetRgn
RealizePalette
CreateCompatibleDC
GetRgnBox
CreateRectRgnIndirect
DeleteDC
SelectPalette
GetSystemPaletteEntries
GetDCOrgEx

ole32

CoTaskMemFree
CoCreateInstance
PropVariantCopy
CoInitialize
CoUninitialize
CoTaskMemAlloc
PropVariantClear

user32

GetDesktopWindow
SetLayeredWindowAttributes
GetDC
IntersectRect
EqualRect
SetRect
IsRectEmpty
OffsetRect
GetGuiResources
MsgWaitForMultipleObjects
GetWindowDC
ReleaseDC
RegisterWindowMessageW
ClientToScreen
TranslateMessage
GetClientRect
IsWindow
EnumDisplayMonitors
GetWindowLongW
PeekMessageW
InvalidateRect
EnumDisplayDevicesW
GetMonitorInfoW
EnumDisplaySettingsW
DispatchMessageW
PostMessageW
CopyRect
SystemParametersInfoW
UpdateLayeredWindow

kernel32

LoadResource
GetModuleHandleW
CreateFileMappingW
VirtualAlloc
GetOverlappedResult
lstrcmpiA
WaitForSingleObjectEx
GetCurrentThread
RaiseException
VirtualLock
OutputDebugStringA
FindClose
LoadLibraryW
SystemTimeToFileTime
PulseEvent
GetSystemTimeAsFileTime
CancelIo
WaitForMultipleObjects
GetCurrentProcessId
ResetEvent
InterlockedIncrement
SetProcessWorkingSetSize
GetSystemDirectoryW
GetProcAddress
QueryPerformanceFrequency
TryEnterCriticalSection
DisableThreadLibraryCalls
SetUnhandledExceptionFilter
InterlockedFlushSList
GetProcessId
TerminateThread
InterlockedExchangeAdd
GetLastError
CreateWaitableTimerW
WriteFile
VirtualQuery
GetSystemInfo
GetVersionExW
ReadFile
GetCurrentThreadId
FreeLibrary
InterlockedPushEntrySList
MapViewOfFile
SleepEx
HeapFree
Sleep
InitializeSListHead
InitializeCriticalSectionAndSpinCount
RtlCaptureStackBackTrace
HeapReAlloc
LockResource
SetLastError
FindResourceW
CreateEventW
InitializeCriticalSection
HeapAlloc
GetFileSize
GetFullPathNameA
CreateThread
SetThreadPriority
IsProcessorFeaturePresent
QueryDepthSList
CreateFileMappingA
LocalAlloc
ProcessIdToSessionId
UnhandledExceptionFilter
GetCurrentProcess
OutputDebugStringW
CreateFileW
WaitForSingleObject
GetVersion
FindFirstFileW
GetTickCount
DebugBreak
WideCharToMultiByte
GlobalUnlock
DelayLoadFailureHook
UnmapViewOfFile
GetVersionExA
DeleteCriticalSection
EnterCriticalSection
VirtualFree
GetModuleHandleA
GetProcessWorkingSetSize
InterlockedCompareExchange
GetProcessHeap
MulDiv
DuplicateHandle
LeaveCriticalSection
RtlUnwind
SizeofResource
CloseHandle
TerminateProcess
CompareStringW
IsDebuggerPresent
SetEvent
QueryPerformanceCounter
SetWaitableTimer
CreateFileA
ExitProcess
InterlockedDecrement
InterlockedExchange
LocalFree
LoadLibraryA

advapi32

RegOpenKeyA
RegQueryValueExA
GetTraceEnableLevel
UnregisterTraceGuids
TraceEvent
RegisterTraceGuidsW
TraceMessage
GetTraceLoggerHandle
RegOpenKeyExW
GetTraceEnableFlags
RegQueryValueExW
RegCloseKey

ntdll

NtUnmapViewOfSection
RtlIsGenericTableEmpty
DbgBreakPoint
NtQuerySystemInformation
RtlInitializeBitMap
RtlNumberGenericTableElements
RtlEnumerateGenericTableWithoutSplaying
NtAllocateVirtualMemory
RtlLookupElementGenericTable
NtAddAtom
RtlSetBits
RtlFindClearBitsAndSet
RtlInsertElementGenericTable
RtlInitializeGenericTable
DbgPrintEx
RtlUlongByteSwap
NtCreateSection
DbgPrompt
RtlClearBits

psapi

GetProcessMemoryInfo

rpcrt4

RpcStringFreeW
RpcAsyncGetCallStatus
I_RpcExceptionFilter
RpcStringBindingComposeW
RpcBindingFree
RpcBindingFromStringBindingW
RpcSsDestroyClientContext
RpcBindingVectorFree
RpcServerUnregisterIfEx
RpcAsyncCancelCall
RpcBindingSetAuthInfoExW
NdrAsyncServerCall
UuidCreate
RpcServerRegisterIfEx
RpcServerInqCallAttributesW
RpcServerInqBindings
NdrAsyncClientCall
RpcEpRegisterW
RpcAsyncCompleteCall
UuidToStringW
RpcAsyncInitializeHandle
RpcServerUseProtseqW

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 160KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d1bcb9a1bf909d5b224c7287d1ff8682

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

gdi32

ole32

user32

kernel32

advapi32

ntdll

psapi

rpcrt4

Sections

.text Size: 11KB - Virtual size: 11KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 144KB - Virtual size: 143KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 160KB - Virtual size: 1.4MB

.text
Size: 11KB - Virtual size: 11KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 144KB - Virtual size: 143KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 160KB - Virtual size: 1.4MB