Static task: static1
Behavioral task: behavioral1
Sample: 1b48123316ec918eb7172942f84141996d74e1c1357b10a507dbd3278295931c.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 1b48123316ec918eb7172942f84141996d74e1c1357b10a507dbd3278295931c.exe
Resource: win10v2004-20220812-en
General
Target: 1b48123316ec918eb7172942f84141996d74e1c1357b10a507dbd3278295931c
Size: 137KB
MD5: 55701343a6aa7e6bf1e7297168c364a0
SHA1: 20c1255a7ee651a06fb9017adb80480347b857cd
SHA256: 1b48123316ec918eb7172942f84141996d74e1c1357b10a507dbd3278295931c
SHA512: 77fbf0501a51f8d90b0315579515acc12969010002f3ec5d4fb9ce777e36baa96f7c588d4ff5630b76de02fee922709b3791355bf659937fc01f65c2021ada61
SSDEEP: 3072:YpehdwADwtCy6IJqa8hXo2CwY0ljDjLvcNKEtv9MOTBvc1e:YpesAM0ynYaLUpvcNKEtv9MoB
Malware Config
Signatures
Files
1b48123316ec918eb7172942f84141996d74e1c1357b10a507dbd3278295931c.exe windows x86
e2917f87edb71a05ccc0d24fce3428cc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcessId
VerLanguageNameW
ResetEvent
lstrcmpiW
LoadLibraryExW
MulDiv
GetStartupInfoW
GetWindowsDirectoryW
GlobalUnlock
WideCharToMultiByte
GetTempFileNameW
FreeEnvironmentStringsW
GetStdHandle
DebugBreak
LoadResource
InitializeCriticalSection
VirtualFree
WaitForSingleObject
GetDateFormatW
lstrlenA
GetLastError
VirtualAlloc
MultiByteToWideChar
GetProcAddress
CreateFileA
GetOEMCP
GetPrivateProfileStringW
lstrcpynW
OpenEventW
GetConsoleMode
GetCurrentProcess
EnumSystemLocalesA
GetSystemDefaultLangID
Sleep
RaiseException
IsValidCodePage
GetCurrentThread
GetVersionExW
GetFileAttributesW
lstrcmpW
SystemTimeToTzSpecificLocalTime
IsDebuggerPresent
GetFileType
GetCPInfo
SizeofResource
lstrcpyW
DeleteCriticalSection
FormatMessageW
EnterCriticalSection
SetUnhandledExceptionFilter
GetFileAttributesExW
GetStartupInfoA
LocalAlloc
VirtualQuery
GetEnvironmentStringsW
FileTimeToSystemTime
LCMapStringA
CloseHandle
SetHandleCount
InterlockedCompareExchange
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetTimeFormatA
CreateFileW
ExpandEnvironmentStringsW
ReadFile
GetModuleFileNameA
TlsSetValue
HeapDestroy
TlsFree
GetComputerNameW
LCMapStringW
WaitForMultipleObjects
TlsAlloc
WinExec
InterlockedExchange
GetModuleHandleW
LoadLibraryA
TlsGetValue
GetConsoleOutputCP
FindNextChangeNotification
GetFileSize
GetUserDefaultLCID
SetConsoleCtrlHandler
GetProcessHeap
AddAtomA
GetVersion
SetLastError
GlobalLock
GlobalSize
SetStdHandle
FreeLibrary
GlobalAlloc
InterlockedIncrement
IsProcessorFeaturePresent
IsValidLocale
QueryPerformanceCounter
GetPrivateProfileIntW
GetModuleFileNameW
CopyFileW
lstrlenW
GetDateFormatA
GetConsoleCP
GetCurrentThreadId
HeapCreate
UnhandledExceptionFilter
WriteConsoleA
lstrcatW
HeapSize
GetStringTypeA
GetCommandLineW
HeapReAlloc
HeapAlloc
InterlockedDecrement
ExpandEnvironmentStringsA
ExitProcess
WritePrivateProfileSectionW
WriteConsoleW
CreateThread
LockResource
OutputDebugStringW
CompareStringA
GetModuleHandleA
FindResourceW
lstrcpynA
HeapFree
GetSystemDirectoryW
FindFirstChangeNotificationW
GetTempPathW
WritePrivateProfileStringW
GetACP
LoadLibraryW
FlushInstructionCache
LeaveCriticalSection
CompareStringW
RtlUnwind
LocalFree
user32
IntersectRect
GetWindowThreadProcessId
SystemParametersInfoW
FindWindowW
RegisterClipboardFormatW
GetParent
SetScrollPos
LoadStringW
DefMDIChildProcW
EndPaint
RegisterWindowMessageW
BeginPaint
GetMonitorInfoW
GetMenuDefaultItem
GetDlgCtrlID
KillTimer
GetActiveWindow
DestroyCaret
LoadAcceleratorsW
BeginDeferWindowPos
AppendMenuW
SendMessageW
GetMenu
TrackPopupMenu
EndDeferWindowPos
LoadImageW
GetCursorPos
RedrawWindow
DragDetect
SetFocus
GetClientRect
InflateRect
IsWindowEnabled
ReleaseDC
EndDialog
OpenClipboard
IsWindowVisible
CopyRect
EnableWindow
GetSubMenu
TrackPopupMenuEx
GetSysColorBrush
DestroyMenu
MapWindowPoints
LoadStringA
SetWindowTextW
CreateWindowExW
GetCapture
GetMenuStringW
IsChild
DefWindowProcW
ScreenToClient
GetWindowPlacement
SetDlgItemTextW
GetMessagePos
wvsprintfW
CharLowerW
GetSystemMenu
SetForegroundWindow
TranslateMessage
SetTimer
MoveWindow
PostMessageW
RegisterClassExW
RegisterClassW
CloseClipboard
GetMessageW
CallNextHookEx
InvalidateRect
SetParent
SetMenuDefaultItem
ClientToScreen
DeferWindowPos
CreatePopupMenu
MessageBoxW
GetWindowDC
GetDlgItemInt
GetWindowTextW
PeekMessageW
CallWindowProcW
GetClassLongW
FrameRect
CreateCaret
ModifyMenuW
LoadBitmapW
MonitorFromWindow
FillRect
SetCaretPos
GetSystemMetrics
SetDlgItemInt
GetWindow
GetWindowLongA
PtInRect
GetClassInfoW
SetRectEmpty
GetWindowTextLengthW
EqualRect
ShowScrollBar
GetWindowLongW
EmptyClipboard
EnableMenuItem
SetCursor
SetWindowPos
OffsetRect
GetClassNameW
CharNextW
IsClipboardFormatAvailable
TranslateAcceleratorW
RemoveMenu
GetKeyState
GetMenuItemInfoW
InsertMenuW
GetFocus
IsMenu
DialogBoxParamW
DefFrameProcW
SetMenu
SetClipboardData
TranslateMDISysAccel
LoadMenuW
GetDC
SetCapture
PostQuitMessage
GetScrollInfo
LoadIconW
GetWindowRect
SetMenuItemInfoW
DispatchMessageW
GetDlgItemTextW
WindowFromPoint
DrawFocusRect
SetScrollInfo
UnregisterClassW
DestroyWindow
ScrollWindowEx
DrawFrameControl
UpdateWindow
LockWindowUpdate
BringWindowToTop
ReleaseCapture
GetMenuItemID
UnhookWindowsHookEx
DrawMenuBar
MessageBeep
LoadCursorW
GetDoubleClickTime
SetWindowsHookExW
GetDesktopWindow
DrawEdge
UnregisterClassA
gdi32
CreatePen
Polyline
SetTextColor
CreateSolidBrush
CreateRectRgn
SaveDC
LPtoDP
GetClipRgn
DPtoLP
SetWindowOrgEx
CreateCompatibleDC
SelectClipRgn
ExtTextOutW
GetDeviceCaps
GetTextExtentPoint32W
CreateFontW
DeleteObject
GetStockObject
SetViewportOrgEx
LineTo
SelectObject
CreateCompatibleBitmap
RestoreDC
CreateFontIndirectW
SetBrushOrgEx
GetViewportOrgEx
GetClipBox
IntersectClipRect
SetBkMode
GetTextMetricsW
Rectangle
BitBlt
Polygon
SelectPalette
DeleteDC
CreatePalette
GetObjectW
MoveToEx
RealizePalette
CreateBitmap
PatBlt
TextOutW
SetBkColor
CreateDIBSection
GetTextExtentPointW
CreatePatternBrush
SetPolyFillMode
comdlg32
GetFileTitleW
oleaut32
VarDecFromStr
VarI4FromStr
VarR8FromStr
SysFreeString
VarDecCmp
SystemTimeToVariantTime
VarUI4FromStr
wsock32
connect
shutdown
getpeername
ioctlsocket
send
ntohs
closesocket
listen
gethostbyname
socket
WSAAsyncSelect
inet_addr
htons
WSAGetLastError
WSASetLastError
recv
getsockname
accept
bind
msvcrt
_XcptFilter
atol
_strnicmp
strchr
_setmbcp
atoi
_acmdln
_purecall
_adjust_fdiv
_onexit
wcslen
localtime
exit
_except_handler3
__set_app_type
__setusermatherr
__p__commode
_stricmp
__p__fmode
__CxxFrameHandler
fopen
__getmainargs
_i64toa
_initterm
fclose
time
strncmp
memmove
fwrite
rand
_ftol
sprintf
__dllonexit
_exit
_controlfp
Sections
.text Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 313KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data2 Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ