f8fb93dcb84a41278d08eba4f8f357540247a374cfff1c44c341e8fc8842bf2e

Sharing

Copy URL Twitter E-mail

General

Target

f8fb93dcb84a41278d08eba4f8f357540247a374cfff1c44c341e8fc8842bf2e
Size

322KB
MD5

470779e6c09787d14a65b5498bc34af0
SHA1

4142b2a21854daeac283574fa446c532739a5ac2
SHA256

f8fb93dcb84a41278d08eba4f8f357540247a374cfff1c44c341e8fc8842bf2e
SHA512

3c0ee064547cc239ee74bd69e8d0903676cf7b4f8e9810e1dff029e06d73d13c687419eb123622028316cbddaf95fe4e1065dbc36762f674c038ca3df83b0dfe
SSDEEP

6144:tTAPQqzPSfQuEB4Y2abv6of9FNs+Hyzc7bdwdgsGTCMxMIRfQN6k8BaYI3:a4qzPSYuEEkiofq+HD3KLGTCM7xO6kX

Score

N/A

Malware Config

Signatures

Files

f8fb93dcb84a41278d08eba4f8f357540247a374cfff1c44c341e8fc8842bf2e
.exe windows x86

6f332c6ee9d67464117b954b4251de54

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetCurrentThreadId
CloseHandle
CreateFileW
SetStdHandle
WriteConsoleW
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetLastError
GetTickCount
LCMapStringW
LoadLibraryW
GetCurrentProcess
HeapSize
MultiByteToWideChar
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitThread
HeapCreate
Sleep
WriteFile
InterlockedDecrement
SetLastError
HeapAlloc
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
ExitProcess
GetModuleHandleW
GetProcAddress
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
IsProcessorFeaturePresent

user32

LoadCursorA
UpdateWindow
ReleaseCapture
DialogBoxParamA
ShowWindow
SetWindowTextW
DefWindowProcA
GetDlgItem
MoveWindow
LoadIconW
DestroyWindow
GetWindowRect
CreateDialogParamA
SetCapture
GetClientRect
EnumWindows

gdi32

CreateSolidBrush

comdlg32

ChooseColorA

ws2_32

WSAStartup
WSACleanup

comctl32

ImageList_Destroy

gdiplus

GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipFree
GdipSaveAdd
GdipSaveAddImage
GdipLoadImageFromFile
GdipAlloc
GdipDisposeImage
GdipSaveImageToFile

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f332c6ee9d67464117b954b4251de54

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

ws2_32

comctl32

gdiplus

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 188KB - Virtual size: 241KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 188KB - Virtual size: 241KB

.rsrc
Size: 15KB - Virtual size: 15KB