fc04afc60d3657cc7ef4666c6e919ec2fcccad70407fdc6b25b0b8b6c3b66c0f

Sharing

Copy URL Twitter E-mail

General

Target

fc04afc60d3657cc7ef4666c6e919ec2fcccad70407fdc6b25b0b8b6c3b66c0f
Size

56KB
MD5

a33cfd170442411e5ccf73ae3d57248a
SHA1

35bbe03d5ae3925241b8dfdd71894738a3ae963e
SHA256

fc04afc60d3657cc7ef4666c6e919ec2fcccad70407fdc6b25b0b8b6c3b66c0f
SHA512

fbfac981976e1e20a8e29e2e6a494ef183f498736e466c197c1a9a9f4b350cd03289fe9a4a9107c5cb6a22c0eddce0e008bf37401e951a91c13ed75ac32b0a3b
SSDEEP

768:O9lkud8VSlKucSEL3i8LAeOvp5VlQdydo3JaAidqOc:iVtKucSEL3i8LATv1Up+r

Score

N/A

Malware Config

Signatures

Files

fc04afc60d3657cc7ef4666c6e919ec2fcccad70407fdc6b25b0b8b6c3b66c0f
.exe windows x86

68202af9f587ab416d87cf6743b91ef0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

sndPlaySoundA
sndPlaySoundW
PlaySoundA
PlaySoundW
waveOutOpen

ntdll

ZwResumeThread
memset
_wcsnicmp
ZwMapViewOfSection
ZwUnmapViewOfSection
ZwQueryInformationProcess
ZwQueueApcThread
ZwQuerySystemInformation

shlwapi

PathCombineW
StrToIntW
StrStrIW

dbghelp

MiniDumpWriteDump

kernel32

GetCurrentProcess
CreateFileW
WaitForSingleObject
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
GetModuleFileNameW
SetUnhandledExceptionFilter
OpenMutexW
lstrlenA
GetComputerNameA
HeapAlloc
HeapFree
HeapValidate
LeaveCriticalSection
TerminateThread
EnterCriticalSection
ResumeThread
SetThreadPriority
CreateThread
GetLastError
DeleteFileA
Sleep
SetFileAttributesA
CreateMutexW
ExitThread
CreateProcessW
ExitProcess
Process32NextW
Process32FirstW
ReleaseMutex
HeapCreate
SetEvent
OpenEventW
GetVersionExW
GetModuleFileNameA
GetCommandLineW
VirtualProtect
VirtualFree
GetProcAddress
GetModuleHandleW
UnmapViewOfFile
SetErrorMode
SetPriorityClass
MapViewOfFile
OpenFileMappingW
GlobalFree
GlobalUnlock
lstrcpyW
lstrlenW
MultiByteToWideChar
GlobalLock
WideCharToMultiByte
GlobalAlloc
lstrcmpiA
lstrcmpiW
SetLastError
Beep
CreateFileMappingW
ReadProcessMemory
CreateEventW
GetTickCount
lstrcatW
GetSystemDirectoryW
GetSystemInfo
CloseHandle
GetHandleInformation
LoadLibraryA
InitializeCriticalSection
IsBadWritePtr
Module32NextW
Module32FirstW
SwitchToThread
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
CreateToolhelp32Snapshot

user32

SetThreadDesktop
ScreenToClient
DefWindowProcW
PrintWindow
SendMessageW
RedrawWindow
GetParent
IsWindowVisible
CloseDesktop
FindWindowW
SwitchDesktop
OpenInputDesktop
OpenDesktopA
FindWindowExW
GetDesktopWindow
OpenDesktopW
SetClipboardData
OpenClipboard
IsClipboardFormatAvailable
GetPriorityClipboardFormat
GetClipboardData
EmptyClipboard
CountClipboardFormats
CloseClipboard
IsWindow
WindowFromDC
FillRect
GetClientRect
ActivateKeyboardLayout
PostMessageW
GetAncestor
SetKeyboardState
GetMenuItemID
TrackPopupMenuEx
GetMenuItemRect
GetSubMenu
GetWindow
MenuItemFromPoint
HiliteMenuItem
GetMenuState
GetMenuItemCount
GetMenu
CallWindowProcW
PeekMessageA
PeekMessageW
GetMessageA
GetMessageW
CallWindowProcA
DefMDIChildProcA
DefMDIChildProcW
DefFrameProcA
DefFrameProcW
DefDlgProcA
DefDlgProcW
DefWindowProcA
GetCapture
ReleaseCapture
SetCapture
GetMessagePos
SetCursorPos
GetCursorPos
FlashWindow
FlashWindowEx
MessageBeep
ReleaseDC
GetDC
GetThreadDesktop
GetClassNameA
GetUserObjectInformationW
wsprintfW
GetWindowThreadProcessId
EnumChildWindows
GetClassLongW
SetClassLongW
GetWindowInfo
SetWindowLongW
EndMenu
SetLayeredWindowAttributes

gdi32

CreateCompatibleDC
CreateSolidBrush
GetViewportOrgEx
DeleteObject
SelectClipRgn
DeleteDC
GdiFlush
GetDIBits
CreateDIBSection
SetDIBitsToDevice
CreateCompatibleBitmap
SelectObject
SetViewportOrgEx
CreateRectRgn
GetClipRgn
BitBlt

advapi32

RegQueryValueExW
RegOpenKeyW
RegCloseKey

shell32

SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68202af9f587ab416d87cf6743b91ef0

Headers

DLL Characteristics

File Characteristics

Imports

winmm

ntdll

shlwapi

dbghelp

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 20KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 20KB

.reloc
Size: 4KB - Virtual size: 4KB