5ff5bcbc2a8f1ad9e58195da2b4ec9fd6f0f2b24bc725865e3e9e496f28299d0

Sharing

Copy URL Twitter E-mail

General

Target

5ff5bcbc2a8f1ad9e58195da2b4ec9fd6f0f2b24bc725865e3e9e496f28299d0
Size

161KB
MD5

06b17ee3185e72a9a04878bfb89bf159
SHA1

410de125d02faea3e0bc071eda0627db654db581
SHA256

5ff5bcbc2a8f1ad9e58195da2b4ec9fd6f0f2b24bc725865e3e9e496f28299d0
SHA512

f519323a949f1616824a772fec264e40bf20ba9f2e73752f6d2d2cdbc7e23af402240397b3ea208563d384eda1ce186110eb9c2481598e76c4a0970c10527e87
SSDEEP

3072:zKlz2NFCqH9HCzc48b1BVscHedqVTzJR+6mOa86++ro:Cz2NFzH9kV8DV/+dqVJZmb

Score

N/A

Malware Config

Signatures

Files

5ff5bcbc2a8f1ad9e58195da2b4ec9fd6f0f2b24bc725865e3e9e496f28299d0
.exe windows x86

54454f31916440c916f39606df348dbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptHashData
NotifyBootConfigStatus
LookupAccountSidW
RegEnumKeyA
RegQueryValueExA
CryptDestroyHash
RegCreateKeyW
ControlService
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
EqualSid

kernel32

SetStdHandle
FindResourceExA
FindNextFileA
SetCommBreak
FindResourceA
lstrcpyA
MapViewOfFile
CreateEventW
GetCommState
GetSystemDefaultUILanguage
GlobalGetAtomNameW
GetCurrentDirectoryW
GetStartupInfoA
CreateRemoteThread
IsBadCodePtr
IsDBCSLeadByteEx
EnumResourceNamesW
ClearCommError
GetThreadLocale
GetFileAttributesExW
lstrcatA
CreateMutexW
OpenFileMappingW
GetCommModemStatus
GetAtomNameW
UnmapViewOfFile
GetModuleHandleA
AreFileApisANSI
LoadResource
lstrlenA
LocalUnlock
IsValidLocale
ClearCommBreak
GetFileAttributesExA
GetModuleFileNameW
IsBadStringPtrW
DeleteCriticalSection
HeapReAlloc
SetThreadLocale
GetDateFormatA
GetSystemDirectoryW
GetSystemTime
TlsFree
GetStringTypeExW
MoveFileW
FileTimeToLocalFileTime
GetThreadContext
GlobalHandle
WaitForMultipleObjects
GetModuleHandleW
SetThreadContext
LCMapStringW
GetComputerNameW
GetTempFileNameA
SetTimerQueueTimer
GlobalMemoryStatus
GetSystemDefaultLangID
SetCurrentDirectoryW
GetLastError
GetLongPathNameW
GetNumberFormatW
VirtualProtect
SetErrorMode
CreateWaitableTimerA
WaitForSingleObjectEx
CompareStringA
CreateFileMappingW
GetComputerNameExA
GetFileInformationByHandle
GetCommConfig
SetThreadAffinityMask
GetComputerNameExW
CreateEventA
GetFullPathNameA
GetBinaryTypeA
GetComputerNameA
GlobalFlags
OpenEventA
VirtualQuery
SetFileAttributesW
CancelIo
SetCommTimeouts
VerSetConditionMask
LoadLibraryExA
HeapUnlock
GetStdHandle
SetThreadExecutionState
GlobalReAlloc
GetOverlappedResult
SetEvent
LockFile
LeaveCriticalSection

gdi32

GetTextExtentPointW
CreateEllipticRgnIndirect
StretchDIBits
UnrealizeObject
GetClipBox
CreateCompatibleDC
OffsetRgn
SaveDC
GetTextMetricsA
SetBkColor
Ellipse
CreateCompatibleBitmap
GetRasterizerCaps
GetSystemPaletteEntries
SetDIBitsToDevice
BitBlt
RealizePalette
GetViewportOrgEx
CreateRectRgn
GetSystemPaletteUse
EnumFontFamiliesW
CreateDCW
CreateHatchBrush
StretchBlt
GetRgnBox
GetWindowOrgEx
IntersectClipRect
StartPage
LineDDA
SetRectRgn
ScaleWindowExtEx
CreateSolidBrush
DeleteObject
GetNearestColor
SelectPalette
SelectClipRgn
GetTextFaceW
CreateRoundRectRgn
SetMapMode
EndPath
PolyBezier
GetPixel

user32

EnableMenuItem
IsCharLowerA
ReplyMessage
GetParent
GetCaretPos
IsCharAlphaA
MessageBoxW
GetAsyncKeyState
SetMenuItemBitmaps
RegisterClassA
GetWindowLongA
SendInput
CharUpperA
GetClassNameW
LockWindowUpdate
GetKeyNameTextW
IsCharUpperA
SendMessageW
CheckRadioButton
DestroyMenu
GetKeyState
GetWindowDC
RegisterClassExW
IsWindow
DefWindowProcA
CreateWindowExW
SendDlgItemMessageA
GetMenuStringA
IsWindowEnabled
SetWindowPlacement
PostQuitMessage
InternalGetWindowText
LoadAcceleratorsW
CreateDialogParamW
TrackPopupMenuEx
EnableScrollBar
InsertMenuA
GetNextDlgGroupItem
SetLastErrorEx
GetClassInfoA
CharToOemBuffA
LoadIconA
GetNextDlgTabItem
RegisterClassExA
TranslateAcceleratorW
GetScrollPos
SetWindowRgn
EnumWindows
GetUpdateRgn
DestroyAcceleratorTable
InvalidateRect
SetActiveWindow
InvalidateRgn
SetScrollInfo
IsCharAlphaNumericW
GetUpdateRect
MessageBoxExA
CharUpperBuffW
CreateIconIndirect
TrackPopupMenu
SetMenu
keybd_event
IntersectRect
ShowWindowAsync
CharLowerA
LoadBitmapA
HideCaret
HiliteMenuItem
DialogBoxIndirectParamA
DrawStateA
LoadImageW
CloseDesktop
IsZoomed
GetKeyboardLayout
GrayStringW
IsCharAlphaW
wvsprintfW
GetForegroundWindow
SetDlgItemInt
IsDlgButtonChecked
OemToCharA
LoadAcceleratorsA
DrawTextExW
GetClassLongW
SetCursorPos
OpenInputDesktop
DispatchMessageA
GetDesktopWindow
FrameRect
DeferWindowPos
CreateAcceleratorTableW
CharNextA
ShowCaret
DestroyCaret
CharUpperW
KillTimer
PostMessageA

rpcrt4

NDRcopy
MesHandleFree
I_RpcTransIoCancelled
MesBufferHandleReset

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Agio
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mon887
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Much
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sat
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oypac
Size: 512B - Virtual size: 463B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jibmed
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54454f31916440c916f39606df348dbf

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

rpcrt4

Sections

.text Size: 123KB - Virtual size: 123KB

.Agio Size: 9KB - Virtual size: 8KB

.mon887 Size: 512B - Virtual size: 4KB

.Much Size: 512B - Virtual size: 32B

.sat Size: 512B - Virtual size: 32B

.oypac Size: 512B - Virtual size: 463B

.jibmed Size: 22KB - Virtual size: 22KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 123KB - Virtual size: 123KB

.Agio
Size: 9KB - Virtual size: 8KB

.mon887
Size: 512B - Virtual size: 4KB

.Much
Size: 512B - Virtual size: 32B

.sat
Size: 512B - Virtual size: 32B

.oypac
Size: 512B - Virtual size: 463B

.jibmed
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 3KB - Virtual size: 2KB