eb360e8211bcea81d559edca0b15c4ee6644aee773b1bc91ecce61add0625bf1

Sharing

Copy URL Twitter E-mail

General

Target

eb360e8211bcea81d559edca0b15c4ee6644aee773b1bc91ecce61add0625bf1
Size

2.6MB
MD5

db61a8417030d7b4d219fb535fc2b5c5
SHA1

344f6e88a90788c07f93831b7262d4d17789c3ac
SHA256

eb360e8211bcea81d559edca0b15c4ee6644aee773b1bc91ecce61add0625bf1
SHA512

f541df072a07d4a1a271c8e27ea9db4d2f4c19b8bd9dd676033489a85693aa8689d9c229926f86e9485018fa2378c48d4b77f98063d6280dc1eaac50a07f58ea
SSDEEP

49152:yTECfbp+1X5C+FbeMD4sKpdRtcRlo9+vVVmsiON8W/LFWwIZnA42kG:yrzp+1JlbR0sKpH2loCN8iLswIZe

Score

N/A

Malware Config

Signatures

Files

eb360e8211bcea81d559edca0b15c4ee6644aee773b1bc91ecce61add0625bf1
.exe windows x86

b48cbbf9bc33a24834e5e6a74f5c5921

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
ExitProcess
Sleep
HeapReAlloc
GetCurrentThreadId
HeapCreate
GetModuleFileNameA
LCMapStringA
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
LCMapStringW
SetStdHandle
WriteConsoleA
VirtualFree
VirtualAlloc
CloseHandle
OpenMutexW
SetLastError
LockResource
lstrcatW
WriteConsoleW
CreateFileA
FlushFileBuffers
GetConsoleOutputCP
GetCurrentProcess
FlushInstructionCache
GetVersionExW
DeleteCriticalSection
InitializeCriticalSection
lstrcpynW
lstrlenA
lstrcpynA
GetCommandLineW
lstrcmpW
GetCurrentProcessId
lstrcpyW
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
LoadLibraryW
lstrcmpiW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetLastError
GetStdHandle
lstrlenW
LeaveCriticalSection
EnterCriticalSection
RaiseException

user32

AdjustWindowRectEx
SetCursor
SetCapture
ClientToScreen
GetDesktopWindow
CheckMenuRadioItem
EnableMenuItem
AppendMenuW
DeleteMenu
ReleaseCapture
LoadBitmapW
LoadStringA
PostQuitMessage
SetMenuDefaultItem
GetDlgCtrlID
RedrawWindow
SetWindowPos
SetMenu
GetMenu
SetWindowTextW
RemoveMenu
CreatePopupMenu
GetWindowRect
TranslateAcceleratorW
GetSubMenu
PeekMessageW
PtInRect
IsMenu
SetWindowsHookExW
GetClassNameW
OffsetRect
CallNextHookEx
GetKeyState
CharLowerW
UnhookWindowsHookEx
InflateRect
SystemParametersInfoW
SetRectEmpty
GetSystemMetrics
RegisterWindowMessageW
GetSysColorBrush
GetSysColor
ReleaseDC
GetWindowDC
GetMessagePos
WindowFromPoint
MessageBeep
FrameRect
ModifyMenuW
TrackPopupMenuEx
DrawEdge
MonitorFromPoint
GetMonitorInfoW
DrawFrameControl
DrawTextW
GetFocus
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
CallWindowProcW
FillRect
GetActiveWindow
GetWindowThreadProcessId
GetParent
SetFocus
IsWindowEnabled
IsWindowVisible
InvalidateRect
UpdateWindow
MapWindowPoints
ScreenToClient
GetClientRect
PostMessageW
SendMessageW
LoadStringW
LoadMenuW
LoadAcceleratorsW
DestroyMenu
CreateWindowExW
GetClassInfoExW
LoadCursorW
LoadImageW
RegisterClassExW
DestroyWindow
CharNextW
DefWindowProcW
IsWindow
ShowWindow
GetWindowLongW
SetWindowLongW
wvsprintfW
GetDC
UnregisterClassA

gdi32

CreateCompatibleBitmap
BitBlt
CreateFontIndirectW
CreateCompatibleDC
DeleteObject
GetObjectW
SetBkMode
SetTextColor
SetBrushOrgEx
SetBkColor
PatBlt
CreateBitmap
DeleteDC
CreatePatternBrush
CreateDIBSection
GetStockObject
GetCurrentObject
SetViewportOrgEx
Polygon
CreatePen
SelectObject
CreateSolidBrush

advapi32

RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCloseKey

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize

oleaut32

VarUI4FromStr

comctl32

ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_AddMasked
ImageList_LoadImageW
ord8
ImageList_Create
CreateStatusWindowW
ImageList_DrawIndirect
ImageList_Draw
InitCommonControlsEx
ImageList_GetImageCount
ImageList_Destroy
ImageList_DragLeave

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b48cbbf9bc33a24834e5e6a74f5c5921

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 342KB - Virtual size: 342KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 342KB - Virtual size: 342KB