b345fbe4bde4d44288b745f212e12023208dbfbefe168e28b6f1ce28e626498a

Sharing

Copy URL

Twitter E-mail

General

Target

b345fbe4bde4d44288b745f212e12023208dbfbefe168e28b6f1ce28e626498a
Size

171KB
MD5

6592321b408d14519f2b90de3b53f56c
SHA1

8560f9680962b338287ea44df8824890ff738ad6
SHA256

b345fbe4bde4d44288b745f212e12023208dbfbefe168e28b6f1ce28e626498a
SHA512

5670530ff5681a4b147e8743489c1de53a5c2e8916243fd408f3fa1c672b2b0e9c370be823675e6206dff3de7819cdfa0e63dd64871958b054ae004523b6d255
SSDEEP

3072:DJSOBKfzjdGPC7j3aFXNu+gLwMpZuwsG9jI85hs9gSzq29MoW:VSbfPd4C/2XkPwMvx1SSwdKo

Score

N/A

Malware Config

Signatures

Files

b345fbe4bde4d44288b745f212e12023208dbfbefe168e28b6f1ce28e626498a
.exe windows x86

6edb5026783152d291128a66f588146f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetCurrentProcess
CoInitialize

advapi32

RegSetValueExA
RegCreateKeyA
GetLengthSid
CryptCreateHash
OpenEventLogW
OpenServiceW
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
RegOpenKeyW
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyA
CryptDeriveKey
EqualSid

rpcrt4

CStdStubBuffer_AddRef
CStdStubBuffer_Connect

user32

CharToOemA
CheckMenuRadioItem
GetCaretPos
GetClassLongA
EnableMenuItem
wsprintfW
GetMessageA
GetForegroundWindow
EnumWindows
RemovePropW
ReplyMessage
GetMonitorInfoW
RegisterClassExA
GetScrollInfo
DrawTextA
PostThreadMessageW
IntersectRect
SendNotifyMessageW
DefFrameProcW
SetScrollRange
SetMenuItemBitmaps
CheckRadioButton
GetWindow
AttachThreadInput
GetPropW
DialogBoxParamA
GetMenu
DrawEdge
AdjustWindowRectEx
BeginDeferWindowPos
GetWindowDC
DeleteMenu
GetFocus
GetClassLongW
DragObject
MonitorFromRect
GetDlgItemInt
SetCaretPos
DestroyIcon
GetMenuItemCount
GetNextDlgTabItem
VkKeyScanW
OemToCharBuffA
DispatchMessageW
EndPaint
CharPrevW
DestroyCursor
DefDlgProcA
GetDesktopWindow
SystemParametersInfoA
InsertMenuW
GetMessageW
GetDC
LoadBitmapW
SetLastErrorEx
GetParent
CallWindowProcA
CopyAcceleratorTableW
DispatchMessageA
GetAsyncKeyState
CharUpperW
GetClassInfoW
SetMenuDefaultItem
GetKeyboardLayoutNameW
LoadCursorW
GetWindowLongA
SetScrollPos
RegisterClassExW
GetMenuCheckMarkDimensions
DrawStateA
ChildWindowFromPointEx
MessageBoxW
LoadIconA
ClientToScreen
RegisterClassW
SetCursorPos
RegisterWindowMessageW
HideCaret
IsIconic
ClipCursor
CharToOemBuffA
CharLowerBuffW
GetKeyNameTextW
GetScrollRange
LoadIconW
LoadMenuW
LoadImageA
GetDlgCtrlID
FrameRect
EnumThreadWindows
GetActiveWindow
DrawFocusRect
OpenIcon
PostMessageW
EndDialog
GetClientRect
SetActiveWindow
ShowWindowAsync
DefFrameProcA
SetTimer
GetIconInfo
LoadBitmapA
SetWindowTextW
CharUpperBuffW
MoveWindow
GetUpdateRgn
GetMenuState
GetKeyboardLayoutList
TileWindows
UpdateWindow
CreateCursor
FillRect
GetDlgItemTextW
DeferWindowPos
SendMessageTimeoutW
SetUserObjectInformationW
GetWindowLongW
CreateDialogParamA
GetMessageExtraInfo
SetClassLongW
FindWindowExA
MessageBoxA
RegisterWindowMessageA
GetClassNameW
PostQuitMessage
TabbedTextOutW
DrawIcon
CharNextA
MapVirtualKeyA
SetDlgItemTextA

kernel32

FileTimeToLocalFileTime
GetComputerNameA
IsValidLocale
LoadLibraryExA
FindAtomW
GetComputerNameW
SetThreadExecutionState
FindClose
SetCommTimeouts
GlobalFlags
CloseHandle
GetVersionExW
SetSystemTimeAdjustment
AddAtomW
TerminateThread
lstrcmpiA
MultiByteToWideChar
SetCurrentDirectoryW
CreateNamedPipeA
CreateMutexA
CreateNamedPipeW
GetSystemTimeAdjustment
GetNumberFormatW
GetModuleFileNameA
GetModuleHandleA
EscapeCommFunction
IsBadStringPtrW
SetFilePointer
GetTempPathW
CompareStringW
VerifyVersionInfoW
GetSystemDirectoryA
GlobalMemoryStatus
IsBadCodePtr
EnterCriticalSection
LeaveCriticalSection
FindFirstChangeNotificationW
ReleaseMutex
GetAtomNameW
GetProcAddress
MoveFileA
RtlUnwind
LoadLibraryA
GlobalGetAtomNameA
GetCurrentThreadId
GetThreadPriority
SetCommMask
GetThreadContext
GetDateFormatA
OpenFileMappingW
SetLocalTime
GetTempPathA
ReleaseSemaphore
GetACP
CreateThread
GetStartupInfoA
OpenFile
FileTimeToSystemTime
CreateWaitableTimerA
FindResourceExA
GlobalGetAtomNameW
OpenSemaphoreW
LocalUnlock
CreateDirectoryW
GlobalSize
GetLocaleInfoA
GetStringTypeExW
GetCommState
GetDateFormatW
SetCommState
FlushFileBuffers
GlobalCompact
IsValidLanguageGroup
GetExitCodeThread
SetThreadContext
MoveFileExA
GetCommandLineW
GetCommandLineA
VirtualQuery
GetLocalTime
lstrcatW
GetVersion
RaiseException
VerSetConditionMask
ReadFile
SetNamedPipeHandleState
GetFileSize
lstrcpyW
CreateFileA
QueryDosDeviceW
lstrcatA
GetFileAttributesW
SetTimerQueueTimer
HeapReAlloc
FindNextChangeNotification
GetComputerNameExW
TransactNamedPipe
WriteFile
GetSystemTimeAsFileTime
LocalLock
GetBinaryTypeW
FindFirstFileW
SetEvent
IsBadReadPtr
MoveFileExW
DuplicateHandle
EnumResourceTypesA
CreateEventA
SleepEx
GetLongPathNameW
lstrlenA
SetFileAttributesA
TryEnterCriticalSection
CreateWaitableTimerW
GetCurrentThread
GlobalAlloc
ExitThread
CancelIo
CreateEventW
RemoveDirectoryA

gdi32

GetROP2
Polygon
GetTextExtentPoint32A
UnrealizeObject
LineDDA
GetPaletteEntries
EnumFontsW
TextOutW
DeleteObject
CreateRectRgnIndirect
WidenPath
GetTextExtentPointW
CreateCompatibleBitmap
LineTo
CreateHalftonePalette
RemoveFontResourceW
IntersectClipRect
GetNearestPaletteIndex
EndPage
GetViewportOrgEx
CreateFontW
GetRgnBox
SetViewportOrgEx
CreatePen
SetDIBColorTable
StartPage
OffsetRgn
GetStockObject
ExcludeClipRect
CreateDiscardableBitmap
OffsetViewportOrgEx
RestoreDC
SetWindowExtEx
Polyline
RealizePalette
SetPaletteEntries
GetObjectA
ExtTextOutA
CreateHatchBrush
ExtFloodFill
CreateDCW
PtVisible
EnumFontFamiliesW
GetTextMetricsA
SetPixel
CreateDIBitmap
SetStretchBltMode
SetViewportExtEx
CreateBitmap
GetTextExtentPointA
ScaleViewportExtEx
BitBlt
GetSystemPaletteEntries
Ellipse

Exports

Exports

CrtComponentW

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Agio
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Much
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sat
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oypac
Size: 1024B - Virtual size: 693B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jibmed
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6edb5026783152d291128a66f588146f

Headers

DLL Characteristics

File Characteristics

Imports

ole32

advapi32

rpcrt4

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 129KB

.Agio Size: 11KB - Virtual size: 14KB

.Much Size: 512B - Virtual size: 32B

.sat Size: 512B - Virtual size: 32B

.oypac Size: 1024B - Virtual size: 693B

.jibmed Size: 22KB - Virtual size: 22KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 130KB - Virtual size: 129KB

.Agio
Size: 11KB - Virtual size: 14KB

.Much
Size: 512B - Virtual size: 32B

.sat
Size: 512B - Virtual size: 32B

.oypac
Size: 1024B - Virtual size: 693B

.jibmed
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 4KB - Virtual size: 4KB