bc53a74231f3f0188cd4c2d22e0ad7fb095ac7fd138fb95ed6b10c94b892d2ac

Sharing

Copy URL

Twitter E-mail

General

Target

bc53a74231f3f0188cd4c2d22e0ad7fb095ac7fd138fb95ed6b10c94b892d2ac
Size

241KB
MD5

db5bcfc801a944a236974f6df683c174
SHA1

12fe874fd9e80ff204c121f01892c8cc19e33d88
SHA256

bc53a74231f3f0188cd4c2d22e0ad7fb095ac7fd138fb95ed6b10c94b892d2ac
SHA512

87a03d7580bee3ad7911328430b7c9808a7ab8631bd70e7d8d1176906deaeb9ce70ec5279e3ad274d4adb3f3e431dde8f5745206364ccbd9c4cb1c0f6a27322d
SSDEEP

6144:FxwtH9DSflMiSOVQiudTMbjORpTw29MB8HZUjc3Nmt7a:F8dDePudTMXia2A85l3Nm0

Score

N/A

Malware Config

Signatures

Files

bc53a74231f3f0188cd4c2d22e0ad7fb095ac7fd138fb95ed6b10c94b892d2ac
.exe windows x86

fea7db6c754d7676b72eda592e4e9ae7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

GradientFill

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

LoadLibraryA
GetSystemDirectoryA
MultiByteToWideChar
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
SizeofResource
LoadResource
FindResourceW
GetLastError
GetCurrentProcess
SetFileAttributesW
CloseHandle
ReadFile
GetFileSize
CreateFileW
WriteFile
GetEnvironmentVariableW
LocalFree
EnumResourceLanguagesW
EnumResourceNamesW
lstrlenW
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetTickCount
MoveFileExW
GetSystemDirectoryW
CompareStringW
CompareStringA
FlushFileBuffers
CreateFileA
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
InterlockedExchange
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
Sleep
HeapReAlloc
VirtualAlloc
EnterCriticalSection
GetProcAddress
FreeLibrary
GetModuleFileNameW
GetUserDefaultLangID
SystemTimeToFileTime
GetModuleHandleW
FatalAppExitA
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapDestroy
HeapCreate
HeapAlloc
HeapFree

user32

CreateWindowExW
MessageBoxW
RegisterClassExW
LoadCursorW
SendMessageW
DrawTextW
DefWindowProcW
InvalidateRect
TrackMouseEvent
GetClientRect
SetWindowPos
DispatchMessageW
TranslateMessage
GetMessageW
UpdateWindow
ShowWindow
FillRect
ShowScrollBar
BeginPaint
EndPaint
DialogBoxParamW
ReleaseCapture
SetCapture
SetCursor
RegisterClassW
SetWindowTextW
LoadBitmapW
GetDlgItem
GetWindowRect
EndDialog
OpenClipboard
GetClipboardData
CloseClipboard
LoadIconW
ExitWindowsEx
MoveWindow
PostQuitMessage
DestroyWindow
SetScrollInfo
GetScrollInfo

gdi32

CreateSolidBrush
CreateCompatibleDC
DeleteObject
BitBlt
CreatePen
MoveToEx
LineTo
CreateFontW
SetTextColor
SelectObject
SetBkMode

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCloseKey
LookupPrivilegeValueW
OpenProcessToken
SetNamedSecurityInfoW
SetEntriesInAclW
OpenSCManagerW
CreateServiceW
CloseServiceHandle
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
GetNamedSecurityInfoW
RegOpenKeyExW
RegEnumValueW
AdjustTokenPrivileges

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

shlwapi

PathIsDirectoryW
PathFileExistsW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0e3c
Size: 512B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1oqp
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.15as
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a9as
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.klkl
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.psi
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.teta
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ks1
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.1231
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.1237
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zetaa
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zeta0
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tetaX
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.1324
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.1724
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.9182
Size: 512B - Virtual size: 70B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fea7db6c754d7676b72eda592e4e9ae7

Headers

DLL Characteristics

File Characteristics

Imports

msimg32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 2KB - Virtual size: 2KB

.0e3c Size: 512B - Virtual size: 218B

.1oqp Size: 512B - Virtual size: 208B

.15as Size: 512B - Virtual size: 208B

.a9as Size: 512B - Virtual size: 206B

.klkl Size: 512B - Virtual size: 206B

.psi Size: 512B - Virtual size: 200B

.teta Size: 512B - Virtual size: 206B

.ks1 Size: 512B - Virtual size: 206B

.1231 Size: 512B - Virtual size: 206B

.1237 Size: 512B - Virtual size: 208B

.zetaa Size: 356KB - Virtual size: 355KB

.zeta0 Size: 512B - Virtual size: 206B

.tetaX Size: 512B - Virtual size: 206B

.1324 Size: 512B - Virtual size: 206B

.1724 Size: 512B - Virtual size: 206B

.9182 Size: 512B - Virtual size: 70B

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 252B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 2KB

.0e3c
Size: 512B - Virtual size: 218B

.1oqp
Size: 512B - Virtual size: 208B

.15as
Size: 512B - Virtual size: 208B

.a9as
Size: 512B - Virtual size: 206B

.klkl
Size: 512B - Virtual size: 206B

.psi
Size: 512B - Virtual size: 200B

.teta
Size: 512B - Virtual size: 206B

.ks1
Size: 512B - Virtual size: 206B

.1231
Size: 512B - Virtual size: 206B

.1237
Size: 512B - Virtual size: 208B

.zetaa
Size: 356KB - Virtual size: 355KB

.zeta0
Size: 512B - Virtual size: 206B

.tetaX
Size: 512B - Virtual size: 206B

.1324
Size: 512B - Virtual size: 206B

.1724
Size: 512B - Virtual size: 206B

.9182
Size: 512B - Virtual size: 70B

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 252B