bdb11edda04b35d7cbb4ca3f5093a8882c4b06c9c1453932be5d41462821b3c4

Sharing

Copy URL Twitter E-mail

General

Target

bdb11edda04b35d7cbb4ca3f5093a8882c4b06c9c1453932be5d41462821b3c4
Size

326KB
MD5

513f4dfec70a7c40becf01d25c4305c0
SHA1

c15b6bdf15a67d09a756bfc216e3c526623e5d81
SHA256

bdb11edda04b35d7cbb4ca3f5093a8882c4b06c9c1453932be5d41462821b3c4
SHA512

f11354a876bbb2853ef1f1a6fcd91585299f40d6b762c1b64eaff58aff00366859555d376df7e0c7e9da371cc59929b8f6455850d9a5ac074fb1ad98cc51e57a
SSDEEP

6144:cSuvRxCW/wwIR/Hl2aQXi5yXy9HR14Xx/9y02FF17tS813W0L9v9YtOzsF9:cfu37Bl2asayyHR1w/eF17tv13JtgF9

Score

N/A

Malware Config

Signatures

Files

bdb11edda04b35d7cbb4ca3f5093a8882c4b06c9c1453932be5d41462821b3c4
.exe windows x86

648fc8282ae7f9854967f6209f0fe08f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

FlatSB_GetScrollPos
ImageList_Destroy
InitCommonControlsEx
ImageList_GetIconSize
PropertySheetW
CreateToolbarEx
CreatePropertySheetPageW

gdi32

GetStockObject
GetMapMode
Rectangle
BitBlt
CreateFontIndirectW
EnumFontFamiliesExW
CreateDiscardableBitmap
SetWindowExtEx
SetViewportExtEx
TextOutW
GetNearestColor
TranslateCharsetInfo
GetWindowExtEx
CreateDIBitmap
GetTextCharsetInfo
GetTextMetricsW
ExcludeClipRect
SelectPalette
GetViewportExtEx
MoveToEx
ExtTextOutW
GetDeviceCaps
SetBkColor
PatBlt
GetObjectW
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
LineTo
CreateRectRgnIndirect
CreatePen
DeleteDC
SelectObject
GetTextExtentPointW
SetBkMode
RealizePalette
SetMapMode
GetTextCharset
GetCharWidth32W
SetTextColor
SelectClipRgn
CreateICW
DeleteObject
CreateDCW
CreateFontW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegQueryValueW
RegEnumValueW
RegSetValueExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

dnsapi

DnsReplaceRecordSetW

rpcrt4

NdrClientCall2
I_RpcExceptionFilter
RpcEpResolveBinding
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcBindingSetAuthInfoExW
RpcStringFreeW
RpcBindingFree

mswsock

AcceptEx
GetAcceptExSockaddrs

ntdll

memmove
RtlUnicodeToMultiByteSize
RtlIsNameLegalDOS8Dot3
RtlInitUnicodeStringEx
RtlUnwind
NtQueryVirtualMemory
_wcsicmp
_chkstk
RtlUnicodeStringToAnsiString
NtAllocateVirtualMemory
_vsnwprintf
wcslen

kernel32

UnhandledExceptionFilter
LocalFree
DeleteFileW
GetProcAddress
DeleteCriticalSection
GlobalAlloc
CreateFileW
GetSystemDefaultUILanguage
FindResourceExW
GetModuleHandleW
GlobalReAlloc
FreeLibrary
EnterCriticalSection
MultiByteToWideChar
InterlockedCompareExchange
GetACP
lstrcpyW
lstrlenW
FreeLibraryAndExitThread
FindResourceW
WideCharToMultiByte
GetCurrentProcess
ResetEvent
SetErrorMode
ExpandEnvironmentStringsW
SetCurrentDirectoryW
LocalReAlloc
TlsAlloc
FindNextFileW
FindFirstFileW
GlobalUnlock
LeaveCriticalSection
SetLastError
LoadResource
InitializeCriticalSectionAndSpinCount
CreateEventW
GetDriveTypeW
LocalAlloc
InterlockedIncrement
TlsFree
GetProfileStringW
InterlockedExchange
TlsGetValue
TlsSetValue
GetVersionExA
TerminateProcess
lstrcpyA
FreeResource
CreateThread
GetLastError
LocalSize
lstrlenA
GetModuleFileNameW
GetShortPathNameW
GetTempFileNameW
LockResource
GetModuleHandleA
LoadLibraryW
SetUnhandledExceptionFilter
FindClose
SizeofResource
lstrcmpiW
GetTickCount
GetFullPathNameW
GetCurrentProcessId
lstrcpynW
GetUserDefaultLCID
InterlockedDecrement
GetCurrentThreadId
CloseHandle
GetVolumeInformationW
lstrcmpW
SetEvent
QueryPerformanceCounter
GetCurrentDirectoryW
GetSystemTimeAsFileTime
DelayLoadFailureHook
WaitForSingleObject
GlobalLock
GlobalFree
GetProcessVersion
GetFileAttributesW
FormatMessageW
GetLocaleInfoW
MulDiv
LoadLibraryA
FindResourceA
DisableThreadLibraryCalls

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

648fc8282ae7f9854967f6209f0fe08f

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

gdi32

advapi32

dnsapi

rpcrt4

mswsock

ntdll

kernel32

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 9KB - Virtual size: 1.4MB

.rdata Size: 113KB - Virtual size: 113KB

.rsrc Size: 159KB - Virtual size: 158KB

.tls Size: 512B - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 9KB - Virtual size: 1.4MB

.rdata
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 159KB - Virtual size: 158KB

.tls
Size: 512B - Virtual size: 4KB