755769a40c2a506bc4d4f76447b871c21750c7f56d57c8370303f98c2220e9f5

Sharing

Copy URL Twitter E-mail

General

Target

755769a40c2a506bc4d4f76447b871c21750c7f56d57c8370303f98c2220e9f5
Size

1002KB
MD5

987a8063f5ce569d4c6f03026a5ade9c
SHA1

8929e49cdc196e360d9c1faa238569b7f3991e2b
SHA256

755769a40c2a506bc4d4f76447b871c21750c7f56d57c8370303f98c2220e9f5
SHA512

c8ef6a9a6e003e6025a87bda26335a3f5031c21d0dc9e40c8938e270dee235be269bfbb9334a912b71274c62bb909d93049f80dec0625e7699622c46d0784942
SSDEEP

24576:98qqdMSAYgVeku3C19cptD8n5Oqm8qZt28gtY7ODf7QnZS:983djgVejy19cptDKYt28D7OTek

Score

N/A

Malware Config

Signatures

Files

755769a40c2a506bc4d4f76447b871c21750c7f56d57c8370303f98c2220e9f5
.exe windows x86

7cea9bd9dee50f6143c56e3ee5a7bab2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetObjectA
DPtoLP
GetDeviceCaps
CreateCompatibleDC
SetMapMode
GetMapMode
GetStockObject
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
LPtoDP
DeleteObject

kernel32

SetEvent
Sleep
CreateProcessA
CopyFileA
GetModuleFileNameA
GetTickCount
GetTempPathA
CloseHandle
GetExitCodeProcess
WaitForSingleObject
GetLastError
WriteFile
CreateFileA
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
Process32Next
MoveFileA
Module32First
Process32First
CreateToolhelp32Snapshot
FreeLibrary
GetProcAddress
LoadLibraryA
GetTempFileNameA
TerminateProcess
ContinueDebugEvent
SetThreadContext
GetThreadContext
WaitForDebugEvent
GetStartupInfoA
MulDiv
GetLocalTime
GetModuleHandleA
SetFileAttributesA
GetVersionExA
GetCommandLineA
CreateMutexA
GetWindowsDirectoryA
ResetEvent
OpenProcess
GetSystemTime
TerminateThread
CreateEventA
ReadFile
ReleaseMutex
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FindResourceExA
SizeofResource
LockResource
LoadResource
FindResourceA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RemoveDirectoryA
LocalAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
CreateDirectoryA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
lstrlenA
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
CreateThread
GetEnvironmentVariableA
FreeEnvironmentStringsA
GetFileAttributesA
GetFileType
SetHandleCount
SetFilePointer
GetCurrentDirectoryA
GetFullPathNameA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetTimeZoneInformation
GetStdHandle
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
VirtualQuery
ExitProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
LCMapStringW
GetCPInfo
HeapCreate
VirtualFree
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError

user32

BeginPaint
DefWindowProcA
SetFocus
EndPaint
MessageBoxA
CreateWindowExA
MoveWindow
GetDC
ReleaseDC
GetSystemMetrics
PostQuitMessage
LoadCursorA
GetWindowRect
GetDesktopWindow
PostMessageA
GetWindowDC
CreateIconFromResourceEx
RegisterClassExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
InvalidateRect
UpdateWindow
SetWindowTextA
GetTitleBarInfo

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegCloseKey

ole32

CreateStreamOnHGlobal

shell32

Shell_NotifyIconA

shlwapi

PathFindExtensionA
PathFindExtensionW

gdiplus

GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipGetImageEncodersSize
GdipFree
GdipAlloc
GdipCloneImage

Sections

.text
Size: 863KB - Virtual size: 863KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7cea9bd9dee50f6143c56e3ee5a7bab2

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

user32

advapi32

ole32

shell32

shlwapi

gdiplus

Sections

.text Size: 863KB - Virtual size: 863KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 104KB - Virtual size: 134KB

.text
Size: 863KB - Virtual size: 863KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 104KB - Virtual size: 134KB