c2858d2e0350f45944adf564e95e34f9fb9036d4efbf9716748b638ddb1d7641

Sharing

Copy URL Twitter E-mail

General

Target

c2858d2e0350f45944adf564e95e34f9fb9036d4efbf9716748b638ddb1d7641
Size

206KB
MD5

849e6cc7b9fdbaf78afe385b3d798db2
SHA1

086643f610b1f4bc47797b29583802caf40285ea
SHA256

c2858d2e0350f45944adf564e95e34f9fb9036d4efbf9716748b638ddb1d7641
SHA512

0a4e5a8118d81cafe09e4fc99b9117f80bea4d3e0bc69ab0289f6035697792cf1b7e0ac3501b460df5a34185dd15ca4c9223dbf68e17d44c5477cde38964ca9e
SSDEEP

3072:ebziXLUTpzue7vWZ4iyoOyme6C5NdGSPGgtGKJkvLTUbtJri0syZ8DMwDLU3Tn:aiX87kQoO9w5rGxCoYxJrTsyZcJDLmD

Score

N/A

Malware Config

Signatures

Files

c2858d2e0350f45944adf564e95e34f9fb9036d4efbf9716748b638ddb1d7641
.exe windows x86

0179414c634c1d8d524fd775b7f978a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFileEx
LocalFree
SetStdHandle
WriteConsoleW
IsProcessorFeaturePresent
SetFilePointer
GetStringTypeW
MultiByteToWideChar
LCMapStringW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
Sleep
GlobalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
ReadFileEx
CreateNamedPipeA
GetLastError
DisconnectNamedPipe
lstrlenW
GetOverlappedResult
CreateFileW
ReadFile
HeapCreate
CreateFileA
CreateEventA
LoadLibraryW
GlobalAlloc
WriteFile
GetProcessHeap
GetTickCount
ConnectNamedPipe
SetEvent
GetUserDefaultLCID
HeapAlloc
lstrlenA
GetFileSize
GetModuleFileNameA
LeaveCriticalSection
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetStdHandle
GetModuleFileNameW
EncodePointer
EnterCriticalSection

user32

MoveWindow
EndPaint
DestroyWindow
GetMessageA
GetClassNameA
GetSystemMenu
IsMenu
PostQuitMessage
SendDlgItemMessageA
GetLastActivePopup
GetSubMenu
GetMenuBarInfo
GetParent
LoadIconA
IsWindowEnabled
GetClientRect
SendMessageA
BeginPaint
GetIconInfo
GetDC
TranslateMessage
MessageBoxA
UnregisterClassA
GetWindowLongA
CreateWindowExA
GetClassNameW
ReleaseDC
SetClassLongA
GetMenuState
IsWindowUnicode
GetDesktopWindow
GetSysColor
GetCursorPos
PostMessageA
DispatchMessageA
GetMenuInfo
ReleaseCapture
CloseWindow
LoadCursorA
GetDlgItemTextA
SetDlgItemTextA
GetWindowThreadProcessId
RegisterClassA

gdi32

MoveToEx
DeleteDC
CreateFontIndirectA
SetBkColor
GetDCBrushColor
SetBkMode
SelectObject
Rectangle
CreatePen
SetTextAlign
GetObjectA
TextOutW
GetStockObject
TextOutA
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
ChooseFontA

userenv

GetProfileType

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 158KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0179414c634c1d8d524fd775b7f978a5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

userenv

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 158KB - Virtual size: 165KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 158KB - Virtual size: 165KB

.rsrc
Size: 1KB - Virtual size: 1KB