bef842989b7e4db156cba58ab14cf157c2f6f9a3748d72e1ed616010f973d533

General

Target

bef842989b7e4db156cba58ab14cf157c2f6f9a3748d72e1ed616010f973d533
Size

203KB
MD5

3e33d2026d6ed3cee69dbea84b41994a
SHA1

81c8d256061a9395ab1c2422999a53daa1ab0dc8
SHA256

bef842989b7e4db156cba58ab14cf157c2f6f9a3748d72e1ed616010f973d533
SHA512

ba1bbcdba3530126ceddc47a4b9413bc06cea9612a2a6554ec86419b1b096932d2a50a0f4dc689e041c8291d20c6e891c98dc0d0893e9ec0ad19215c863f2312
SSDEEP

3072:mGPBDNa9ncpY1bX7P7o3sCjGqqdgn90IFQeph/QzGNFrYFSF/7ybwAg:HI9n+3sCSRgnfQC5r9+sA

Score

N/A

Malware Config

Signatures

Files

bef842989b7e4db156cba58ab14cf157c2f6f9a3748d72e1ed616010f973d533
.exe windows x86

58ec145ac749392ce112cd381cfcd3a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
_amsg_exit
fread
wcsrchr
_cexit
realloc
_stricmp
wcscoll

ntdll

NtOpenEventPair
NtOpenSemaphore
NtQueryMutant
ZwOpenMutant
NtOpenMutant
NtReadFile

dmsecode

_Snan
_Sinh
_Eps
_Tolower
_Exp
_LNan
_FDtest
_Stof
_LExp
_Nan

kernel32

FindNextFileW
GetUserDefaultUILanguage
VirtualAllocEx
SleepEx
HeapFree
GetStartupInfoA
GetTickCount
DeleteFileW
GetCurrentProcess
FindNextVolumeW
CloseHandle
lstrlenA
HeapSize
CreateEventW
GetPriorityClass
InterlockedIncrement
GetCurrentProcessId
InterlockedDecrement
GetFullPathNameW
DeleteCriticalSection
GetLocaleInfoW
MultiByteToWideChar
HeapSetInformation
lstrlenW
ExitProcess
HeapReAlloc
FlushInstructionCache
GlobalAlloc

gdi32

SetBrushOrgEx
CreateSolidBrush
GetTextMetricsW
CreateCompatibleDC
CreateDIBSection
SetTextColor
DeleteDC
PatBlt

user32

GetCapture
MessageBeep
IsChild
BeginPaint
DrawTextW
DrawTextExW
OpenClipboard
LoadImageW
GetWindowTextLengthW
CharUpperW
GetDesktopWindow
CreateWindowExW
GetMenuItemCount
IsWindow
EndPaint
FindWindowW
EnableMenuItem
GetClassNameA
CallNextHookEx
DestroyAcceleratorTable
GetWindow
SendMessageA
SetWindowPos
CallWindowProcW
InvalidateRgn
ReleaseCapture
LoadAcceleratorsW
UnregisterClassA
FillRect

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58ec145ac749392ce112cd381cfcd3a4

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ntdll

dmsecode

kernel32

gdi32

user32

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 43KB - Virtual size: 43KB

.rsrc Size: 136KB - Virtual size: 140KB

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 136KB - Virtual size: 140KB