58014ea8b3e2f8d1aa3608f60b4b786ef6d249d3acaa04fe9601758ada6bacd0

Sharing

Copy URL Twitter E-mail

General

Target

58014ea8b3e2f8d1aa3608f60b4b786ef6d249d3acaa04fe9601758ada6bacd0
Size

1.1MB
MD5

6ee7f990c850a9e92b96e0d34fc1e63d
SHA1

7a4c4dfb2f21d15d137771d0e3aae7f8ddd8e5fc
SHA256

58014ea8b3e2f8d1aa3608f60b4b786ef6d249d3acaa04fe9601758ada6bacd0
SHA512

cbb0a61f73ecf4e354991a3969a24f4ad17f6cc76caa62ff41451f9cce66968b290bbad9d331f6332c6e8d0c7b649c069e33007de3a0e3f2ae4361a7fcae92f5
SSDEEP

24576:S0L+USSD5ulk2VKF/k/5GsKMSx8lcEWoAA:S0L+7SD5uZVKFo5tKvAgoAA

Score

N/A

Malware Config

Signatures

Files

58014ea8b3e2f8d1aa3608f60b4b786ef6d249d3acaa04fe9601758ada6bacd0
.exe windows x86

b7873342233a51a968c8c1f86e017f62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
WideCharToMultiByte
MultiByteToWideChar
LocalFree
LocalAlloc
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetLastError
lstrlenW
GetModuleHandleW
GetWindowsDirectoryW
lstrcpynW
GetModuleFileNameW
GetTempPathA
GetSystemDirectoryW
DeleteFileA
GetWindowsDirectoryA
IsDBCSLeadByte
GetCPInfo
lstrcmpiA
CreateFileA
GetFileSize
MapViewOfFile
UnmapViewOfFile
CompareStringA
LocalReAlloc
IsDBCSLeadByteEx
IsValidCodePage
FindResourceExW
LoadResource
GetSystemDefaultLangID
lstrcmpA
lstrcmpiW
CreateMutexW
GetCommandLineW
GetStartupInfoA
UnhandledExceptionFilter
QueryPerformanceCounter
Sleep
DisableThreadLibraryCalls
GetModuleFileNameA
GetModuleHandleA
GetACP
WaitForSingleObject
CloseHandle
lstrlenA
FindFirstFileW
FindNextFileW
GetFileAttributesW
VerifyVersionInfoW
GetStdHandle
GetFileType
WriteConsoleW
GetConsoleOutputCP
FreeLibrary
SearchPathW
WriteFile
SetLastError

user32

LoadStringW
wsprintfW
GetDlgItem
GetPropA
SetPropA
SetDlgItemTextW
GetParent
MoveWindow
CharNextExA
wsprintfA
DialogBoxIndirectParamW
DialogBoxParamW
CharLowerA
GetTopWindow
GetForegroundWindow
GetSystemMetrics
GetDC
ReleaseDC

advapi32

RegCreateKeyExA
RegEnumKeyA
RegDeleteValueA
RegEnumValueW
RegEnumValueA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegDeleteKeyW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegSetValueExA

ole32

CreateStreamOnHGlobal
CoTaskMemFree

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

msvcrt

puts
fwprintf
vswprintf
vfwprintf
fprintf
setlocale
strncpy
strrchr
strchr
atoi
strncmp
wcsstr
memmove
wcschr
malloc
exit
free
_getch

rpcrt4

RpcStringFreeW
RpcBindingFromStringBindingW
RpcBindingFree

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7873342233a51a968c8c1f86e017f62

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

version

msvcrt

rpcrt4

Sections

.text Size: 132KB - Virtual size: 130KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 80KB - Virtual size: 2.2MB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 132KB - Virtual size: 130KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 80KB - Virtual size: 2.2MB

.rsrc
Size: 16KB - Virtual size: 13KB