c5236f040ec47b08ed9692d0093383298c6fa03f229938a1b81c6dae563c3c14

Sharing

Copy URL Twitter E-mail

General

Target

c5236f040ec47b08ed9692d0093383298c6fa03f229938a1b81c6dae563c3c14
Size

453KB
MD5

acfaf8da416e9fd73e97e79ff8bece49
SHA1

5783e767633449de37b8d354ecd822093ff4d873
SHA256

c5236f040ec47b08ed9692d0093383298c6fa03f229938a1b81c6dae563c3c14
SHA512

af988cf27f0532076ddc8d17ef71919d47f0b0f8f5e5f397175e213ca2784a7f75e00bc1ca18487ed82a65ba6d55df20365b6704216f79d4c0307dba7358d081
SSDEEP

12288:eDYDASUIXWki6rBPXoDyYK7AL0M0hLdmpSkzZjvsjW/anohwQ:sEUITnNLYK7SgdmpSaYjW5yQ

Score

N/A

Malware Config

Signatures

Files

c5236f040ec47b08ed9692d0093383298c6fa03f229938a1b81c6dae563c3c14
.dll windows x86

a1d23ffd5794a284ca7920b8b89b8d6a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
MapViewOfFile
MoveFileW
MulDiv
MultiByteToWideChar
OpenProcess
Process32FirstW
Process32NextW
QueryPerformanceCounter
RaiseException
ReadFile
RemoveDirectoryW
ResumeThread
RtlUnwind
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetFileAttributesW
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileSectionW
WritePrivateProfileStringW
WriteProfileStringW
lstrcatW
lstrlenA
lstrlenW
GlobalUnlock
GlobalLock
GlobalAlloc
GetWindowsDirectoryW
GetVersion
GetTimeFormatW
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProfileStringW
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileSectionW
GetOEMCP
GetNumberFormatW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
CreateDirectoryW
CreateFileA
CreateFileMappingW
CreateProcessW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileW
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
CloseHandle
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsA
GetEnvironmentStringsW
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA

gdi32

StartPage
StartDocW
SetTextColor
SetMapMode
SetBkMode
SetBkColor
SelectObject
GetTextMetricsW
GetTextExtentPoint32W
GetStockObject
GetObjectW
GetDeviceCaps
GetDIBits
GdiFlush
ExtTextOutW
EndPage
EndDoc
DeleteObject
DeleteDC
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

user32

GetMenu
GetMessageW
GetParent
GetPropW
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetWindowLongW
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuW
IntersectRect
InvalidateRect
InvalidateRgn
IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsZoomed
LoadAcceleratorsW
LoadCursorW
LoadIconW
LoadImageW
LoadStringW
MapWindowPoints
MessageBoxW
MoveWindow
OffsetRect
OpenClipboard
PostMessageW
PostQuitMessage
PtInRect
RegisterClassExW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageW
SetClipboardData
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenuItemInfoW
SetPropW
SetTimer
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
TrackPopupMenu
TranslateAcceleratorW
TranslateMessage
UnionRect
WaitForInputIdle
GetIconInfo
GetFocus
GetDlgItemTextW
GetDlgItem
GetDC
GetCursorPos
GetClientRect
GetClassNameW
FindWindowW
FindWindowExW
EnumDisplaySettingsW
EnumChildWindows
EndPaint
EndDeferWindowPos
EnableWindow
EnableMenuItem
EmptyClipboard
DrawTextW
DrawMenuBar
DrawIconEx
DrawFrameControl
DispatchMessageW
DialogBoxParamW
DialogBoxIndirectParamW
DestroyWindow
DestroyIcon
DeleteMenu
DeferWindowPos
DefWindowProcW
CreateWindowExW
CreateIconIndirect
CreateDialogParamW
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CheckDlgButton
CallWindowProcW
BeginPaint
BeginDeferWindowPos
EndDialog

advapi32

SetSecurityInfo
RevertToSelf
RegUnLoadKeyW
RegSetValueW
RegSetValueExW
RegSetKeySecurity
RegQueryValueW
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyExW
RegOpenKeyExA
RegLoadKeyW
RegGetKeySecurity
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyW
RegCreateKeyExW
RegCloseKey
OpenServiceW
OpenSCManagerW
OpenProcessToken
LookupPrivilegeValueW
LookupAccountSidW
LookupAccountNameW
ImpersonateLoggedOnUser
GetTokenInformation
GetSecurityInfo
GetAce
FreeSid
EqualSid
DeleteService
CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptCreateHash
CryptAcquireContextW
CloseServiceHandle
AllocateAndInitializeSid
AdjustTokenPrivileges

Exports

Exports

Display
InteractiveLoop
Occurred
ProgramText
RealAsDouble
SystemExit
_Repeat
_flagmask
vExecTokenA

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1d23ffd5794a284ca7920b8b89b8d6a

Headers

File Characteristics

Imports

kernel32

gdi32

version

user32

advapi32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 262KB - Virtual size: 262KB

.data Size: 70KB - Virtual size: 71KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 262KB - Virtual size: 262KB

.data
Size: 70KB - Virtual size: 71KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 6KB - Virtual size: 5KB