36c385840a7357dae4664c65c5a973a9e366a249c7839bd127d6352c5ba79376

Sharing

Copy URL

Twitter E-mail

General

Target

36c385840a7357dae4664c65c5a973a9e366a249c7839bd127d6352c5ba79376
Size

156KB
MD5

61d9675b74b2cc343b17817401e71030
SHA1

13f523ca870f1f04c37c47e05a0794f350111133
SHA256

36c385840a7357dae4664c65c5a973a9e366a249c7839bd127d6352c5ba79376
SHA512

2818fb07fe1de90d78e2e9f62a20d964b8ac0fb767970622ae06eb93cb533c38d4efda5469817cff7fdbc00ee0ca58b5305ba027274e0ebcfd742894a719db4e
SSDEEP

3072:LPmDborkh06yLNI8Yl/uectYnyHQjzA1bCjQxgX0+/uxafdUMaEe8L:TmnYzBm/4tkZWuX3uE1Mw

Score

N/A

Malware Config

Signatures

Files

36c385840a7357dae4664c65c5a973a9e366a249c7839bd127d6352c5ba79376
.exe windows x86

571c911fed8b999611def487ab46ba23

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetAltTabInfoW
GetMenuStringW
InsertMenuA
EnumPropsA
DrawEdge
ChangeDisplaySettingsExA
EnumWindowStationsA
CallMsgFilterW
LockWorkStation
UnhookWindowsHookEx
IsCharLowerW
GetWindow
ShowOwnedPopups

wininet

InternetGetCookieW
HttpOpenRequestA
HttpQueryInfoA
FindFirstUrlCacheEntryA
FtpCommandW
SetUrlCacheEntryInfoA
FtpPutFileA

gdi32

CreateColorSpaceW
AddFontMemResourceEx
AngleArc
CreateDIBSection
ChoosePixelFormat

mpr

WNetGetUserW
WNetCancelConnection2A
WNetAddConnection3W
WNetEnumResourceA
MultinetGetConnectionPerformanceW
WNetConnectionDialog

kernel32

LCMapStringW
HeapSize
RtlUnwind
Sleep
HeapFree
IsValidCodePage
GetOEMCP
MultiByteToWideChar
GetCPInfo
LoadLibraryW
EnterCriticalSection
GetStringTypeW
HeapAlloc
HeapReAlloc
IsProcessorFeaturePresent
GetACP
DecodePointer
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
SetCommBreak
CompareFileTime
WriteConsoleOutputCharacterA
GetExitCodeProcess
ExitProcess
EraseTape
SetThreadPriority
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

571c911fed8b999611def487ab46ba23

Headers

DLL Characteristics

File Characteristics

Imports

user32

wininet

gdi32

mpr

kernel32

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 16KB

.rsrc Size: 121KB - Virtual size: 120KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 16KB

.rsrc
Size: 121KB - Virtual size: 120KB