8ba04b022ea56b1e57ebed18c4a62f1452ec31f65d679558537a467de2162f59

Sharing

Copy URL

Twitter E-mail

General

Target

8ba04b022ea56b1e57ebed18c4a62f1452ec31f65d679558537a467de2162f59
Size

43KB
MD5

d430484f0ef1712afd1a67c48481511a
SHA1

204ffbb47fd20b5e82ed1251873b251e7ef32b5b
SHA256

8ba04b022ea56b1e57ebed18c4a62f1452ec31f65d679558537a467de2162f59
SHA512

8641565ab9401d99831d7c2791a129686e11c92bf598fb05ece13df2486f1ebf3a7a5bb534bf78d91c72e3463d92de6e703e3afc812f4deeefa7163b5b354008
SSDEEP

384:UDcvdDvu/HpZcFS5JAj3okP/dDa6mr4sPzzBx:UYVC/JZ0STO3lHcIqBx

Score

N/A

Malware Config

Signatures

Files

8ba04b022ea56b1e57ebed18c4a62f1452ec31f65d679558537a467de2162f59
.exe windows x86

33376e9b4b830bf46e880c461bf2a9e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemPowerStatus
GetTempPathA
GetThreadLocale
GetThreadSelectorEntry
GetTimeFormatW
GetUserDefaultLCID
GetVersionExW
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetWriteWatch
GlobalCompact
GlobalUnWire
HeapAlloc
IsBadCodePtr
IsBadHugeWritePtr
IsValidCodePage
IsValidLanguageGroup
LoadResource
LocalSize
LockFile
MapViewOfFileEx
MoveFileA
MoveFileExW
OpenSemaphoreA
OpenWaitableTimerW
PeekConsoleInputW
Process32Next
QueryInformationJobObject
GetStringTypeW
ReplaceFile
RequestDeviceWakeup
RtlMoveMemory
SearchPathA
SetComputerNameExW
SetCurrentDirectoryW
SetEnvironmentVariableW
SetFileApisToOEM
SetFilePointerEx
SetFileTime
SetLocaleInfoW
SetNamedPipeHandleState
SetPriorityClass
SetTapePosition
SetThreadExecutionState
SetThreadLocale
SetTimerQueueTimer
SignalObjectAndWait
UnlockFile
VerLanguageNameW
VerifyVersionInfoW
WriteConsoleInputA
WriteConsoleOutputCharacterA
WriteConsoleOutputCharacterW
lstrcpyA
lstrcpyn
GetShortPathNameA
GetProfileIntW
GetPrivateProfileStructA
GetNumberFormatA
GetMailslotInfo
GetFileType
GetFileAttributesA
GetDateFormatA
GetComputerNameExW
GetCommandLineA
GetCommState
GetCalendarInfoA
FindFirstVolumeA
FindFirstChangeNotificationW
FindClose
EnumUILanguagesA
EnumTimeFormatsW
ExitProcess
EnumResourceTypesA
EnumDateFormatsExA
EnterCriticalSection
DuplicateHandle
DnsHostnameToComputerNameW
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DefineDosDeviceA
CreateWaitableTimerW
CreateSemaphoreW
CreateProcessW
CreateProcessA
CreateMailslotW
CreateMailslotA
CreateJobObjectW
ContinueDebugEvent
CloseHandle
AreFileApisANSI
GetStartupInfoA
GetStartupInfoW
GetModuleHandleW
ReadConsoleW

msvcrt

memset

user32

GetMouseMovePointsEx
GetNextDlgGroupItem
GetScrollInfo
GetUserObjectSecurity
GetWindowLongW
InSendMessage
InSendMessageEx
IsCharLowerA
IsIconic
IsWindow
LoadCursorFromFileW
LoadCursorW
LoadMenuA
LockWindowUpdate
LookupIconIdFromDirectoryEx
MapDialogRect
MapVirtualKeyExW
MessageBoxExW
ModifyMenuW
OemToCharBuffW
PaintDesktop
PostQuitMessage
RegisterClassExA
ReleaseDC
ReuseDDElParam
SendDlgItemMessageW
SendIMEMessageExA
SendIMEMessageExW
SendMessageCallbackA
SendNotifyMessageW
SetActiveWindow
SetClassLongA
SetKeyboardState
SetMenuItemInfoA
SetScrollInfo
SetThreadDesktop
SetUserObjectSecurity
SetWindowRgn
SetWindowsHookA
ShowWindowAsync
SwapMouseButton
TrackMouseEvent
TranslateMessage
UnhookWindowsHook
UnionRect
ValidateRect
WindowFromDC
wsprintfA
GetMessageExtraInfo
GetMenuState
GetMenuItemInfoW
GetKeyboardLayout
GetCursorPos
GetCursor
GetClipboardOwner
GetClassInfoExA
GetClassInfoA
GetActiveWindow
FreeDDElParam
FindWindowExA
FindWindowA
FillRect
EnumWindowStationsW
DrawTextW
DrawIconEx
DrawFrameControl
DestroyWindow
DdeQueryNextServer
DdeFreeDataHandle
DdeCreateDataHandle
DdeConnect
CreateWindowStationW
CreateWindowExA
CreateIconIndirect
CreateIconFromResourceEx
CopyIcon
CloseClipboard
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharNextExA
CharLowerA
ChangeDisplaySettingsExA
CallWindowProcW
BeginPaint
AnyPopup
DdeAbandonTransaction

gdi32

EngLoadModule
EngPaint
EngStretchBltROP
EngStrokePath
EnumFontsA
FONTOBJ_pvTrueTypeFontFile
FONTOBJ_vGetInfo
FontIsLinked
GdiConvertAndCheckDC
GdiConvertPalette
GdiConvertRegion
GdiCreateLocalMetaFilePict
GdiEntry16
GdiEntry8
GdiGetLocalBrush
GdiPlayJournal
GdiProcessSetup
GdiRealizationInfo
EngCreateClip
GetCharWidthFloatA
GetCharWidthI
GetCharWidthInfo
GetEnhMetaFileW
GetFontData
GetGlyphOutlineA
GetKerningPairs
GetROP2
GetTextExtentExPointI
GetTextExtentPoint32A
GetViewportOrgEx
NamedEscape
PatBlt
RealizePalette
RemoveFontResourceW
ResizePalette
SetICMMode
GetCharABCWidthsA
EngAcquireSemaphore

advapi32

RegOpenKeyA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text6
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo7
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33376e9b4b830bf46e880c461bf2a9e1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 8KB - Virtual size: 7KB

.text6 Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 76B

owtwo1 Size: 1024B - Virtual size: 1000B

owtwo2 Size: 4KB - Virtual size: 3KB

.owtwo3 Size: 4KB - Virtual size: 3KB

.owtwo4 Size: 4KB - Virtual size: 3KB

.owtwo5 Size: 4KB - Virtual size: 3KB

.owtwo6 Size: 4KB - Virtual size: 3KB

.owtwo7 Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 8KB - Virtual size: 7KB

.text6
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 76B

owtwo1
Size: 1024B - Virtual size: 1000B

owtwo2
Size: 4KB - Virtual size: 3KB

.owtwo3
Size: 4KB - Virtual size: 3KB

.owtwo4
Size: 4KB - Virtual size: 3KB

.owtwo5
Size: 4KB - Virtual size: 3KB

.owtwo6
Size: 4KB - Virtual size: 3KB

.owtwo7
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 16B