3f4373571f586d7f0bd132448c30fd5756e420ac24811f40d648ee96e32a56ce

Sharing

Copy URL Twitter E-mail

General

Target

3f4373571f586d7f0bd132448c30fd5756e420ac24811f40d648ee96e32a56ce
Size

47KB
MD5

64038883b46858475aefc290970b9d99
SHA1

c0d12252fa53f2d32d1b5d0f4f07e9b1de19ac33
SHA256

3f4373571f586d7f0bd132448c30fd5756e420ac24811f40d648ee96e32a56ce
SHA512

3c00d0aa848668b416a04fd029df741be2df34f77d81e720e8db0f8ccc9bc22863fee58116c7dcefdacd360af789ea0f1ca51b71e2bdc0bbe9f123dd5d2ce5d6
SSDEEP

768:qsGoLIo17d5CRARaxvLYEKrrZbuHRF00t81/rHMaAv9xVfhzEgokKjeCxjGQ6sXv:Br7iRARKvLYEKfduHT8RrHMaS9xVfCRZ

Score

N/A

Malware Config

Signatures

Files

3f4373571f586d7f0bd132448c30fd5756e420ac24811f40d648ee96e32a56ce
.exe windows x86

3f7d284be8a1095884366714c4e29cea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EngCreateDeviceBitmap
GdiCreateLocalEnhMetaFile
GetFontData
GetEnhMetaFilePixelFormat
UpdateICMRegKeyW
EngWideCharToMultiByte
CreateSolidBrush
FONTOBJ_pvTrueTypeFontFile
DdEntry17
GdiSwapBuffers
GdiGetDevmodeForPage
GdiGetCodePage
UpdateICMRegKeyA
GdiSetAttrs
GetTextExtentPointW
GdiGetLocalDC
EngUnlockSurface
SetMapperFlags
GetICMProfileA
PlayMetaFileRecord
GetObjectType
DdEntry8
GetEnhMetaFileDescriptionA
GetOutlineTextMetricsA
DeleteEnhMetaFile
EngAlphaBlend
ExcludeClipRect
TextOutW
SetBrushOrgEx
RoundRect
ScaleWindowExtEx

kernel32

GetProcessIoCounters
CreateMailslotA
EnumCalendarInfoA
VerLanguageNameW
EnumSystemLocalesA
SetConsoleTitleW
RemoveDirectoryW
SetTimeZoneInformation
GetConsoleHardwareState
GetVolumePathNamesForVolumeNameA
SetTapePosition
OpenFileMappingW
IsValidCodePage
CreateSemaphoreA
RemoveDirectoryA
GetNumberOfConsoleMouseButtons
GlobalHandle
WaitForMultipleObjects
CreateFileW
SetConsoleCP
GetNumaNodeProcessorMask
GetDiskFreeSpaceW
TzSpecificLocalTimeToSystemTime
QueueUserAPC
QueryPerformanceCounter
GetFullPathNameA
SetLocalPrimaryComputerNameA
DeleteFileW
VirtualAlloc
OpenJobObjectW
CreateEventA
MoveFileWithProgressA
IsBadStringPtrA
SetCommTimeouts
LoadLibraryA
GetModuleHandleExW
IsProcessInJob
SetUnhandledExceptionFilter
GetStdHandle
DosDateTimeToFileTime
GetCurrentThread
_hwrite
CreatePipe
lstrcmp
GetTickCount
_lwrite
GetNumberOfConsoleFonts
OpenMutexA
SetFileShortNameA
GetLogicalDrives
GetThreadSelectorEntry
GetPrivateProfileIntA
SetConsolePalette
ScrollConsoleScreenBufferW
SetConsoleInputExeNameA
SetLocaleInfoA
SetConsoleCursorPosition
GlobalMemoryStatusEx
BuildCommDCBA
SetFilePointerEx
GetConsoleAliasesLengthW
GlobalCompact
BeginUpdateResourceA
CreateWaitableTimerA
CommConfigDialogA
OpenSemaphoreA
GetThreadPriorityBoost
GlobalMemoryStatus
GetVolumeNameForVolumeMountPointA

imm32

ImmInstallIMEW
ImmIMPSetIMEW
ImmSetCandidateWindow
ImmGetDefaultIMEWnd
ImmSetCompositionStringA
ImmSystemHandler
ImmInstallIMEA
ImmSetHotKey
ImmGetStatusWindowPos
ImmGetCompositionFontA
ImmRequestMessageW
ImmGetCompositionWindow
ImmConfigureIMEW
ImmLockClientImc
ImmUnlockIMC
ImmGetRegisterWordStyleA
ImmShowSoftKeyboard
ImmLockImeDpi
ImmGetIMEFileNameA
ImmGetCompositionStringW
ImmNotifyIME
ImmUnregisterWordW
ImmGetCandidateListW
ImmReSizeIMCC
ImmGetCandidateListA
ImmGetCandidateListCountA
ImmPutImeMenuItemsIntoMappedFile
ImmUnregisterWordA
ImmSetConversionStatus
ImmGetCompositionFontW

winipsec

EnumTransportFilters
DeleteQMPolicy
GetMMAuthMethods
SetMMFilter
OpenTransportFilterHandle
SetMMAuthMethods
MatchTunnelFilter
CloseTransportFilterHandle
DeleteMMFilter
GetTransportFilter
GetQMPolicy
DeleteTunnelFilter
EnumQMPolicies
AddTransportFilter
SPDApiBufferAllocate
SetTransportFilter
MatchTransportFilter
SetTunnelFilter
EnumMMAuthMethods
AddQMPolicy
EnumMMPolicies
AddMMAuthMethods
GetMMFilter
CloseTunnelFilterHandle
DeleteTransportFilter
AddMMPolicy

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f7d284be8a1095884366714c4e29cea

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

imm32

winipsec

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 7KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB