f70962bdd7e3265afcca1a2a0863e2aa7c0d82d6d49e95b71124ec85306b8642

Sharing

Copy URL Twitter E-mail

General

Target

f70962bdd7e3265afcca1a2a0863e2aa7c0d82d6d49e95b71124ec85306b8642
Size

364KB
MD5

a2460e8395fdedc30e2d20efb96cbe57
SHA1

af7b1bda05e18bd68770b541b992b97611b39739
SHA256

f70962bdd7e3265afcca1a2a0863e2aa7c0d82d6d49e95b71124ec85306b8642
SHA512

9ed9d18eecdc45b93522304c72ead6ebf5d7212914bdc227403dd1b4b38e0e5731dad13722eb3eab1f07d76bd1d46dd86d1f3cfdae617235e8f36e0c13023b09
SSDEEP

6144:jIRp6pKW6P8cG6p7fk+QGifBdzPV64KzegDuAOD1XWha:jap6f6JG6pIE4fzPV64KegUBWha

Score

N/A

Malware Config

Signatures

Files

f70962bdd7e3265afcca1a2a0863e2aa7c0d82d6d49e95b71124ec85306b8642
.exe windows x86

27b67ebc23a2fd0d27fc5e78b5bf4614

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
WriteConsoleW
HeapSize
FlushFileBuffers
HeapReAlloc
IsProcessorFeaturePresent
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
LCMapStringW
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
CreateSemaphoreA
GetFileType
SetHandleCount
GetEnvironmentStringsW
WaitForSingleObject
GetModuleFileNameA
RaiseException
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetStdHandle
WriteFile
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
CreateThread
CloseHandle
GetVersionExA
OutputDebugStringA
WaitForMultipleObjects
LoadLibraryA
GlobalFree
GetProcAddress
QueryPerformanceCounter
ReleaseSemaphore
GetOEMCP
GetACP
HeapCreate
Sleep
DeleteCriticalSection
GlobalAlloc
InterlockedDecrement
InterlockedIncrement
GetCPInfo
EncodePointer
DecodePointer
ExitProcess
FreeLibrary
GetCurrentProcess
HeapAlloc
FreeEnvironmentStringsW
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree
GetLastError

user32

FindWindowA
DialogBoxParamA
UpdateWindow
SetCaretPos
UnregisterHotKey
LoadCursorA
IsWindow
CreateCaret
AppendMenuA
GetSystemMenu
GetWindowRect
PostQuitMessage
LoadStringA
GetParent
LoadIconA
GetWindowInfo
WindowFromPoint
GetClientRect
ShowCaret
GetDC
GetWindowTextA
GetWindowLongA
SetClassLongA
EndDialog
GetSysColor
GetCursorPos
LoadAcceleratorsA

gdi32

GdiFlush
GetCurrentPositionEx
GetTextMetricsA

winspool.drv

ClosePrinter

gdiplus

GdipCreatePen1
GdipDrawLineI
GdipCloneImage
GdipFree
GdipDeletePen
GdipDeleteGraphics
GdipDrawImageRectI
GdipLoadImageFromFile
GdipAlloc
GdipDisposeImage
GdipCreateFromHDC

opengl32

glVertex3f
glEnd
glNormal3f
glClear
glBegin

Sections

.text
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27b67ebc23a2fd0d27fc5e78b5bf4614

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

gdiplus

opengl32

Sections

.text Size: 283KB - Virtual size: 282KB

.rdata Size: 50KB - Virtual size: 49KB

.data Size: 6KB - Virtual size: 19KB

.bss Size: 17KB - Virtual size: 17KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 283KB - Virtual size: 282KB

.rdata
Size: 50KB - Virtual size: 49KB

.data
Size: 6KB - Virtual size: 19KB

.bss
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 6KB - Virtual size: 6KB