a41479acbd302b1309505a87f58a7b71702a06d0fa6eb25c551f24cb0939ae44

Sharing

Copy URL

Twitter E-mail

General

Target

a41479acbd302b1309505a87f58a7b71702a06d0fa6eb25c551f24cb0939ae44
Size

148KB
MD5

5e4a5b55d045d4f57214ff30713099d0
SHA1

ae625cca824c815b5dfe56b3a37b7cd756685b03
SHA256

a41479acbd302b1309505a87f58a7b71702a06d0fa6eb25c551f24cb0939ae44
SHA512

e2c909c2c0aec987e6e4e7afb8ef5ad1adad0607d0f8e27a36b6651d4a5764141d5b336b8f3fffc2f2edc4b694063d2d027cd150d0173318c50578e22adbdd6c
SSDEEP

3072:DWjtziKAJBwAG3PyIPW0w2Le1WbV9njwhE8:yjVpG0KRhcwh

Score

N/A

Malware Config

Signatures

Files

a41479acbd302b1309505a87f58a7b71702a06d0fa6eb25c551f24cb0939ae44
.exe windows x86

476b6282574da7cf4dfc341bcaa016f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
ExitProcess
DeleteCriticalSection
IsDebuggerPresent
TlsGetValue
IsProcessorFeaturePresent
LocalFree
FlushInstructionCache
lstrlenW
GetWindowsDirectoryW
GetVersionExW
InitializeCriticalSectionAndSpinCount
HeapAlloc
GetModuleHandleW
UnhandledExceptionFilter
GetPrivateProfileIntW
GetFileSize
GetOEMCP
RtlUnwind
CreateFileW
GetEnvironmentStringsW
HeapFree
EnumSystemLocalesA
GlobalAlloc
LCMapStringA
GetModuleHandleA
GetFileType
lstrcmpiW
GetDateFormatA
GetPrivateProfileStringW
SizeofResource
FindNextChangeNotification
SetUnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
lstrcpynA
MultiByteToWideChar
FindResourceW
IsValidLocale
GetStdHandle
HeapReAlloc
LoadLibraryW
CompareStringA
GetConsoleCP
CreateThread
QueryPerformanceCounter
TerminateProcess
GetFileAttributesW
TlsSetValue
GlobalSize
InterlockedIncrement
WritePrivateProfileStringW
GetModuleFileNameW
GetTempPathW
lstrcmpW
GetACP
IsValidCodePage
WideCharToMultiByte
GetStringTypeA
VirtualQuery
LeaveCriticalSection
ExpandEnvironmentStringsA
RaiseException
ExpandEnvironmentStringsW
ResetEvent
GetConsoleMode
InterlockedExchange
GetFileAttributesExW
GetCurrentProcess
OpenEventW
lstrcpyW
SystemTimeToTzSpecificLocalTime
LCMapStringW
VirtualFree
GetModuleFileNameA
GetComputerNameW
GetStartupInfoW
FreeEnvironmentStringsW
lstrcatW
InterlockedCompareExchange
TlsFree
WriteConsoleW
AddAtomA
GetVersion
lstrlenA
GetCurrentThread
SetLastError
GetLastError
SetHandleCount
GetStartupInfoA
ReadFile
FindFirstChangeNotificationW
OutputDebugStringW
SetStdHandle
SetConsoleCtrlHandler
LoadLibraryExW
HeapCreate
CreateFileA
lstrcpynW
GetTempFileNameW
InterlockedDecrement
LoadLibraryA
GetTimeFormatA
GlobalLock
CloseHandle
GetSystemDefaultLangID
FreeLibrary
LocalAlloc
CopyFileW
CompareStringW
TlsAlloc
EnterCriticalSection
MulDiv
DebugBreak
GetDateFormatW
HeapDestroy
WritePrivateProfileSectionW
GetProcAddress
GlobalUnlock
GetUserDefaultLCID
GetStringTypeW
WinExec
GetConsoleOutputCP
GetCommandLineW
LockResource
FormatMessageW
WaitForMultipleObjects
HeapSize
VirtualAlloc
FileTimeToSystemTime
WaitForSingleObject
WriteConsoleA
VerLanguageNameW
GetCPInfo
InitializeCriticalSection
LoadResource
GetSystemDirectoryW

user32

IsClipboardFormatAvailable
SetDlgItemTextW
GetClassInfoW
SetWindowsHookExW
MessageBoxW
GetMessageW
EnableWindow
RegisterClassW
RegisterWindowMessageW
PeekMessageW
LoadAcceleratorsW
IsWindowVisible
GetActiveWindow
DialogBoxParamW
FillRect
GetSubMenu
SetCapture
FrameRect
ReleaseCapture
UpdateWindow
LoadImageW
CreatePopupMenu
DrawEdge
GetWindowRect
LockWindowUpdate
GetDC
CallNextHookEx
LoadBitmapW
CharLowerW
DrawFrameControl
IsMenu
GetFocus
SetWindowTextW
IsChild
LoadIconW
RegisterClassExW
MapWindowPoints
PostQuitMessage
GetWindowTextLengthW
DefMDIChildProcW
MoveWindow
SetDlgItemInt
CallWindowProcW
KillTimer
DestroyWindow
CopyRect
wvsprintfW
GetSystemMenu
GetParent
RegisterClipboardFormatW
RemoveMenu
BeginDeferWindowPos
TrackPopupMenu
EndPaint
EqualRect
GetMenuStringW
UnregisterClassW
OffsetRect
GetCursorPos
InflateRect
AppendMenuW
GetMenu
SendMessageW
LoadMenuW
SetMenuItemInfoW
PtInRect
DestroyCaret
SetForegroundWindow
MonitorFromWindow
DragDetect
GetKeyState
OpenClipboard
LoadStringW
SetScrollPos
GetMenuDefaultItem
InvalidateRect
GetWindowLongW
CharNextW
EmptyClipboard
LoadStringA
SetMenuDefaultItem
TrackPopupMenuEx
GetDlgCtrlID
SetFocus
ShowScrollBar
SetParent
LoadCursorW
GetDlgItemTextW
GetWindowLongA
GetSystemMetrics
BeginPaint
GetWindowPlacement
GetClassNameW
GetMessagePos
EndDialog
InsertMenuW
ScrollWindowEx
PostMessageW
SetCaretPos
GetCapture
GetMonitorInfoW
GetClassLongW
CloseClipboard
FindWindowW
SystemParametersInfoW
GetSysColorBrush
DestroyMenu
GetWindowTextW
SetClipboardData
DefWindowProcW
EnableMenuItem
SetWindowPos
DrawFocusRect
WindowFromPoint
TranslateMessage
DispatchMessageW
BringWindowToTop
ClientToScreen
UnregisterClassA
DefFrameProcW
SetMenu
GetMenuItemInfoW
IsWindowEnabled
GetDoubleClickTime
CreateCaret
TranslateMDISysAccel
GetWindowThreadProcessId
GetMenuItemID
ScreenToClient
SetCursor
SetScrollInfo
GetDlgItemInt
TranslateAcceleratorW
SetRectEmpty
MessageBeep
RedrawWindow
UnhookWindowsHookEx
EndDeferWindowPos
GetWindowDC
GetScrollInfo
GetWindow
IntersectRect
ReleaseDC
SetTimer
DrawMenuBar
ModifyMenuW
CreateWindowExW
GetDesktopWindow
GetClientRect
DeferWindowPos

gdi32

CreateDIBSection
SetViewportOrgEx
ExtTextOutW
Polyline
GetObjectW
CreateFontIndirectW
MoveToEx
GetTextExtentPointW
GetDeviceCaps
DeleteObject
GetClipRgn
SaveDC
CreateCompatibleBitmap
Rectangle
CreatePatternBrush
Polygon
SetBkColor
SelectPalette
CreatePalette
LineTo
CreateCompatibleDC
IntersectClipRect
RealizePalette
TextOutW
RestoreDC
SetWindowOrgEx
BitBlt
CreateRectRgn
SelectObject
SelectClipRgn
SetBkMode
PatBlt
CreateBitmap
GetViewportOrgEx
GetTextExtentPoint32W
GetStockObject
CreateFontW
SetPolyFillMode
DPtoLP
CreateSolidBrush
SetTextColor
SetBrushOrgEx
LPtoDP
GetClipBox
CreatePen
GetTextMetricsW
DeleteDC

comdlg32

ChooseFontW
GetSaveFileNameW
ChooseColorW
GetOpenFileNameW

oleaut32

SystemTimeToVariantTime
SysFreeString
VarR8FromStr
VarUI4FromStr
VarDecFromStr
VarDecCmp
VarI4FromStr

wsock32

getsockname
WSAAsyncSelect
ioctlsocket
WSASetLastError
recv
listen
accept
send
gethostbyname
WSAGetLastError
htons
connect
bind
shutdown
getpeername
socket
inet_addr
ntohs
closesocket

msvcrt

localtime
strchr
fclose
sprintf
rand
_onexit
exit
fwrite
atoi
_i64toa
_acmdln
strncmp
__dllonexit
atol
_setmbcp
_strnicmp
__getmainargs
_initterm
_XcptFilter
_ftol
_controlfp
wcslen
_exit
__p__fmode
memmove
fopen
__setusermatherr
_stricmp
__set_app_type
__CxxFrameHandler
__p__commode
_adjust_fdiv
_except_handler3
_purecall
time

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

476b6282574da7cf4dfc341bcaa016f0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

oleaut32

wsock32

msvcrt

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 72KB - Virtual size: 351KB

.data1 Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 72KB - Virtual size: 351KB

.data1
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB