972326ed1333f9e9c44e1625749cbd374423e19b57dbac574fb862e00b82583b

Sharing

Copy URL Twitter E-mail

General

Target

972326ed1333f9e9c44e1625749cbd374423e19b57dbac574fb862e00b82583b
Size

89KB
MD5

5c6249bf0209de39bf484902dddaa085
SHA1

e7262da574c4e4cbf30c885f4ab4314bb6abeb51
SHA256

972326ed1333f9e9c44e1625749cbd374423e19b57dbac574fb862e00b82583b
SHA512

4b8eed76971a1ef1a0fda7b2fd167505ac09ef88303215871093a1be0524bd34704c41b699ad0d5d679a5c9b407b6c864e9b1105622122e540e32e8314b2017c
SSDEEP

1536:bGs9iBYvLgZq5TeTPP7zolfmclehkynOyme6cRAbCLZG4N:bGKiBjMSD7z8Z4iynOyme6cR/LBN

Score

N/A

Malware Config

Signatures

Files

972326ed1333f9e9c44e1625749cbd374423e19b57dbac574fb862e00b82583b
.exe windows x86

0179414c634c1d8d524fd775b7f978a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFileEx
LocalFree
SetStdHandle
WriteConsoleW
IsProcessorFeaturePresent
SetFilePointer
GetStringTypeW
MultiByteToWideChar
LCMapStringW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
Sleep
GlobalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
ReadFileEx
CreateNamedPipeA
GetLastError
DisconnectNamedPipe
lstrlenW
GetOverlappedResult
CreateFileW
ReadFile
HeapCreate
CreateFileA
CreateEventA
LoadLibraryW
GlobalAlloc
WriteFile
GetProcessHeap
GetTickCount
ConnectNamedPipe
SetEvent
GetUserDefaultLCID
HeapAlloc
lstrlenA
GetFileSize
GetModuleFileNameA
LeaveCriticalSection
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetStdHandle
GetModuleFileNameW
EncodePointer
EnterCriticalSection

user32

MoveWindow
EndPaint
DestroyWindow
GetMessageA
GetClassNameA
GetSystemMenu
IsMenu
PostQuitMessage
SendDlgItemMessageA
GetLastActivePopup
GetSubMenu
GetMenuBarInfo
GetParent
LoadIconA
IsWindowEnabled
GetClientRect
SendMessageA
BeginPaint
GetIconInfo
GetDC
TranslateMessage
MessageBoxA
UnregisterClassA
GetWindowLongA
CreateWindowExA
GetClassNameW
ReleaseDC
SetClassLongA
GetMenuState
IsWindowUnicode
GetDesktopWindow
GetSysColor
GetCursorPos
PostMessageA
DispatchMessageA
GetMenuInfo
ReleaseCapture
CloseWindow
LoadCursorA
GetDlgItemTextA
SetDlgItemTextA
GetWindowThreadProcessId
RegisterClassA

gdi32

MoveToEx
DeleteDC
CreateFontIndirectA
SetBkColor
GetDCBrushColor
SetBkMode
SelectObject
Rectangle
CreatePen
SetTextAlign
GetObjectA
TextOutW
GetStockObject
TextOutA
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
ChooseFontA

userenv

GetProfileType

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0179414c634c1d8d524fd775b7f978a5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

userenv

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 40KB - Virtual size: 48KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 40KB - Virtual size: 48KB

.rsrc
Size: 1KB - Virtual size: 1KB