68a353598a6d01b412bf7d1032ea0e4c6820d0222ce719dc182a09a9c51e32c5

Sharing

Copy URL

Twitter E-mail

General

Target

68a353598a6d01b412bf7d1032ea0e4c6820d0222ce719dc182a09a9c51e32c5
Size

835KB
MD5

b98c25eb4eb2efbd1f6a314eab6ba0e0
SHA1

2c5d0df32e7f51de1d171b5c910c7b92c6f6dbdd
SHA256

68a353598a6d01b412bf7d1032ea0e4c6820d0222ce719dc182a09a9c51e32c5
SHA512

4c2f93d821f733f1db8041fffb6c217900e1fba7837df5ab207c61c8d4aeb1468bc2a3090815e81e2e21bfd00b228202b085a5e135450a752b7cd12dd9acb668
SSDEEP

12288:TyQPfupi9mGfFUXlcT9X9yvbZ+pTASOsFEDKxRUPPcZKCdpGU2WzaReL:TyQEi9mdlcBcZ+pkSOqRSPcZQSmy

Score

N/A

Malware Config

Signatures

Files

68a353598a6d01b412bf7d1032ea0e4c6820d0222ce719dc182a09a9c51e32c5
.exe windows x86

e1bb4bbd62aec594af710806cac432d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GdiTransparentBlt
EudcUnloadLinkW
GetEnhMetaFileDescriptionW
GdiQueryFonts
GdiEntry9
PolyBezier
GetCharABCWidthsW
GetTextExtentExPointA
Pie
GdiSetAttrs
DdEntry25
ExtTextOutW
AngleArc
GdiPlayDCScript
DdEntry13
StrokeAndFillPath
SetDIBits
GetCharABCWidthsI
EndPath
DeviceCapabilitiesExA
GetGlyphIndicesW
GdiPlayScript
HT_Get8BPPFormatPalette
CreateRectRgnIndirect
PtVisible
MirrorRgn
DPtoLP
PtInRegion
SetFontEnumeration
EngUnicodeToMultiByteN

kernel32

FoldStringA
OpenJobObjectW
FindFirstChangeNotificationW
BaseDumpAppcompatCache
ClearCommError
InterlockedPushEntrySList
QueryPerformanceCounter
VerLanguageNameW
GlobalLock
ExitVDM
SetComputerNameExA
VirtualFree
GetSystemTimeAsFileTime
ExitProcess
GetConsoleFontInfo
GetConsoleHardwareState
GlobalAddAtomW
ConsoleMenuControl
SetThreadUILanguage
SetThreadPriorityBoost
FlushFileBuffers
VirtualAlloc
IsDebuggerPresent
WriteProfileSectionA
GlobalFix
DuplicateConsoleHandle
OpenThread
LoadLibraryA
DeleteFileA
QueryInformationJobObject
SetComPlusPackageInstallStatus
GlobalUnWire
DeleteVolumeMountPointW
SetEnvironmentVariableW
GetModuleHandleA
BaseInitAppcompatCacheSupport
EnumDateFormatsExA
FindNextVolumeMountPointW
WritePrivateProfileSectionW

duser

GetMessageExW
BuildAnimation
SetGadgetFillF
CreateGadget
FindStdColor
BuildDropTarget
SetActionTimeslice
SetGadgetProperty
GetGadgetMessageFilter
UtilDrawBlendRect
SetGadgetFocus
DUserInstanceOf
GetGadgetStyle
GetGadgetAnimation
SetGadgetRect
SetGadgetRootInfo
GetStdColorBrushF
SetGadgetFillI
DUserPostMethod
UtilSetBackground
DUserGetRotatePRID
MapGadgetPoints
DUserSendEvent
DUserGetGutsData
GetDebug
GetStdColorPenI
DUserPostEvent
GetGadget
GetGadgetBufferInfo
FindGadgetMessages
DUserGetScalePRID
DUserGetAlphaPRID
GetStdColorF
DUserCastHandle
AttachWndProcW

user32

GetInputState
ToUnicodeEx
PrintWindow
SetClassLongA
LoadCursorFromFileA
CreateMDIWindowW
IsCharLowerW
wsprintfW
DdeClientTransaction
VkKeyScanExW
LoadMenuA
SetUserObjectSecurity
GetNextDlgTabItem
TileWindows
CreateDialogParamA
FreeDDElParam
SetWindowContextHelpId
SetWindowPos
UnlockWindowStation
GetClipboardFormatNameA
DragDetect
InitializeLpkHooks
LookupIconIdFromDirectoryEx
GetThreadDesktop
GetQueueStatus
SetClipboardData

crypt32

CertFreeCertificateContext
CertAddCertificateLinkToStore
I_CryptFindSmartCardCertInStore
I_CryptGetDefaultCryptProv
CryptImportPublicKeyInfoEx
I_CryptAddRefLruEntry
I_CryptGetFileVersion
CryptImportPKCS8
CryptCreateKeyIdentifierFromCSP
CertVerifyCRLTimeValidity
I_CryptGetTls
CertGetValidUsages
CryptFindCertificateKeyProvInfo
CertAddEncodedCTLToStore
PFXExportCertStore
I_CryptEnumMatchingLruEntries
CertVerifyRevocation
CryptMsgOpenToDecode
CertDuplicateCertificateChain
CryptSIPRemoveSignedDataMsg
I_CryptGetLruEntryData
I_CryptReadTrustedPublisherDWORDValueFromRegistry
CertGetCertificateChain
CertSerializeCertificateStoreElement
CertFindCertificateInCRL
CertDuplicateCertificateContext
CryptGetMessageCertificates
CertResyncCertificateChainEngine
I_CryptCreateLruCache
CryptAcquireContextU
CryptDecodeObject
CertGetIssuerCertificateFromStore
CryptGetMessageSignerCount

Sections

.text
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1bb4bbd62aec594af710806cac432d8

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

duser

user32

crypt32

Sections

.text Size: 371KB - Virtual size: 370KB

.rdata Size: 107KB - Virtual size: 106KB

.data Size: 164KB - Virtual size: 1.6MB

.rsrc Size: 190KB - Virtual size: 190KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 371KB - Virtual size: 370KB

.rdata
Size: 107KB - Virtual size: 106KB

.data
Size: 164KB - Virtual size: 1.6MB

.rsrc
Size: 190KB - Virtual size: 190KB

.reloc
Size: 1KB - Virtual size: 1KB