68a027a7fb958b421e758ea903b0e4a953aa4c501738687e6b9597a3316449ef

Sharing

Copy URL Twitter E-mail

General

Target

68a027a7fb958b421e758ea903b0e4a953aa4c501738687e6b9597a3316449ef
Size

326KB
MD5

6f4ec9a8ba6892a6e26eddf420fcc870
SHA1

2130fb356ea551b64c1a11fb13f9f6dea7c25647
SHA256

68a027a7fb958b421e758ea903b0e4a953aa4c501738687e6b9597a3316449ef
SHA512

773c0aa4af4714aa8e780e9986383191699a858240c63e3d49a09e66324270b00b46eb8410ec4669866d3366ae2fbf5a36489be8a59403a238d47e9b495a9f60
SSDEEP

6144:MSuvRxCW/wwIR/Hl2aQXi5yXy9HR14Xx/9y02FF17tS813W0L9v9YtOzsF9:Mfu37Bl2asayyHR1w/eF17tv13JtgF9

Score

N/A

Malware Config

Signatures

Files

68a027a7fb958b421e758ea903b0e4a953aa4c501738687e6b9597a3316449ef
.exe windows x86

648fc8282ae7f9854967f6209f0fe08f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

FlatSB_GetScrollPos
ImageList_Destroy
InitCommonControlsEx
ImageList_GetIconSize
PropertySheetW
CreateToolbarEx
CreatePropertySheetPageW

gdi32

GetStockObject
GetMapMode
Rectangle
BitBlt
CreateFontIndirectW
EnumFontFamiliesExW
CreateDiscardableBitmap
SetWindowExtEx
SetViewportExtEx
TextOutW
GetNearestColor
TranslateCharsetInfo
GetWindowExtEx
CreateDIBitmap
GetTextCharsetInfo
GetTextMetricsW
ExcludeClipRect
SelectPalette
GetViewportExtEx
MoveToEx
ExtTextOutW
GetDeviceCaps
SetBkColor
PatBlt
GetObjectW
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
LineTo
CreateRectRgnIndirect
CreatePen
DeleteDC
SelectObject
GetTextExtentPointW
SetBkMode
RealizePalette
SetMapMode
GetTextCharset
GetCharWidth32W
SetTextColor
SelectClipRgn
CreateICW
DeleteObject
CreateDCW
CreateFontW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegQueryValueW
RegEnumValueW
RegSetValueExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

dnsapi

DnsReplaceRecordSetW

rpcrt4

NdrClientCall2
I_RpcExceptionFilter
RpcEpResolveBinding
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcBindingSetAuthInfoExW
RpcStringFreeW
RpcBindingFree

mswsock

AcceptEx
GetAcceptExSockaddrs

ntdll

memmove
RtlUnicodeToMultiByteSize
RtlIsNameLegalDOS8Dot3
RtlInitUnicodeStringEx
RtlUnwind
NtQueryVirtualMemory
_wcsicmp
_chkstk
RtlUnicodeStringToAnsiString
NtAllocateVirtualMemory
_vsnwprintf
wcslen

kernel32

UnhandledExceptionFilter
LocalFree
DeleteFileW
GetProcAddress
DeleteCriticalSection
GlobalAlloc
CreateFileW
GetSystemDefaultUILanguage
FindResourceExW
GetModuleHandleW
GlobalReAlloc
FreeLibrary
EnterCriticalSection
MultiByteToWideChar
InterlockedCompareExchange
GetACP
lstrcpyW
lstrlenW
FreeLibraryAndExitThread
FindResourceW
WideCharToMultiByte
GetCurrentProcess
ResetEvent
SetErrorMode
ExpandEnvironmentStringsW
SetCurrentDirectoryW
LocalReAlloc
TlsAlloc
FindNextFileW
FindFirstFileW
GlobalUnlock
LeaveCriticalSection
SetLastError
LoadResource
InitializeCriticalSectionAndSpinCount
CreateEventW
GetDriveTypeW
LocalAlloc
InterlockedIncrement
TlsFree
GetProfileStringW
InterlockedExchange
TlsGetValue
TlsSetValue
GetVersionExA
TerminateProcess
lstrcpyA
FreeResource
CreateThread
GetLastError
LocalSize
lstrlenA
GetModuleFileNameW
GetShortPathNameW
GetTempFileNameW
LockResource
GetModuleHandleA
LoadLibraryW
SetUnhandledExceptionFilter
FindClose
SizeofResource
lstrcmpiW
GetTickCount
GetFullPathNameW
GetCurrentProcessId
lstrcpynW
GetUserDefaultLCID
InterlockedDecrement
GetCurrentThreadId
CloseHandle
GetVolumeInformationW
lstrcmpW
SetEvent
QueryPerformanceCounter
GetCurrentDirectoryW
GetSystemTimeAsFileTime
DelayLoadFailureHook
WaitForSingleObject
GlobalLock
GlobalFree
GetProcessVersion
GetFileAttributesW
FormatMessageW
GetLocaleInfoW
MulDiv
LoadLibraryA
FindResourceA
DisableThreadLibraryCalls

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

648fc8282ae7f9854967f6209f0fe08f

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

gdi32

advapi32

dnsapi

rpcrt4

mswsock

ntdll

kernel32

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 9KB - Virtual size: 1.4MB

.rdata Size: 113KB - Virtual size: 113KB

.rsrc Size: 159KB - Virtual size: 158KB

.tls Size: 512B - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 9KB - Virtual size: 1.4MB

.rdata
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 159KB - Virtual size: 158KB

.tls
Size: 512B - Virtual size: 4KB