d72cb54a9e285297007dd59fdd8eb2ba279bb5b436029ff9a231af311dce0564

Sharing

Copy URL

Twitter E-mail

General

Target

d72cb54a9e285297007dd59fdd8eb2ba279bb5b436029ff9a231af311dce0564
Size

829KB
MD5

14bd446f2a595a95c2969da556fcbdac
SHA1

897541d73b1b4c3662000e43d8186bd167087b1c
SHA256

d72cb54a9e285297007dd59fdd8eb2ba279bb5b436029ff9a231af311dce0564
SHA512

4ae67ee1c20305cd41ad0a6a3d12fa2b7d7c2be6e364dab9f062e394d05402acada7a101eff15b592240390b3a679133f31ae48dce2c85a35c1ebdbdbb8c8866
SSDEEP

12288:Jm9t9r9ut6+9sZVO9vmC8m8W2rUZevTMHnazhV:J3t6+9s1C8mFZeLMHazn

Score

N/A

Malware Config

Signatures

Files

d72cb54a9e285297007dd59fdd8eb2ba279bb5b436029ff9a231af311dce0564
.exe windows x86

602c43c4c4c3bd381ea706673714b4b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgW
ChooseFontA

kernel32

SetConsoleWindowInfo
GetSystemTimeAsFileTime
FindNextChangeNotification
QueryDosDeviceW
TryEnterCriticalSection
FormatMessageW
IsProcessorFeaturePresent
SetConsoleActiveScreenBuffer
LoadResource
FlushFileBuffers
GlobalAddAtomA
_llseek
GetPrivateProfileSectionW
GetWindowsDirectoryA
PurgeComm
LocalReAlloc
GetThreadPriority
SizeofResource
GetStringTypeExW
GenerateConsoleCtrlEvent
ExitThread
SetEvent
SetStdHandle
ClearCommBreak
CreateDirectoryA
TlsGetValue
VirtualAllocEx
LeaveCriticalSection
SetNamedPipeHandleState
IsBadWritePtr
DeleteFiber
PulseEvent
WriteConsoleOutputW
FillConsoleOutputCharacterA
lstrcmpiW
SetThreadPriorityBoost
CancelIo
SetCurrentDirectoryA
SetEnvironmentVariableW
GetFullPathNameA
GetSystemTimeAdjustment
GetVolumeInformationW
GetTickCount
GetProfileStringA
SetProcessWorkingSetSize
GetSystemDirectoryW
DosDateTimeToFileTime
IsDBCSLeadByteEx
CreateEventA
SetProcessAffinityMask
ExitProcess
AllocConsole

oleaut32

SysAllocStringLen

user32

GetQueueStatus
CharPrevA
IsCharAlphaNumericW
SetWindowWord
SendNotifyMessageW
LoadKeyboardLayoutW
GetClassLongA
ValidateRgn
LoadIconA
GetWindow
RegisterClassW
LoadMenuIndirectA
ToAscii
EnumWindows
GetKeyboardLayout
SetMenu
ActivateKeyboardLayout

advapi32

CryptSetHashParam
RegSetValueExA
SetFileSecurityA
GetSecurityDescriptorDacl
SetEntriesInAclW
GetSecurityInfo
InitializeSecurityDescriptor
RegOpenKeyExW
EnumServicesStatusW
RegQueryValueExA
CreateProcessAsUserA
ObjectCloseAuditAlarmW
QueryServiceObjectSecurity
ReadEventLogW
RegRestoreKeyA
CryptAcquireContextA
IsTextUnicode

ws2_32

WSAEnumNetworkEvents
htonl
WSAAddressToStringW
sendto
WSAAsyncGetServByPort

msvcrt

wcsftime
_wcsdup
puts
_strnicmp
wcsncpy
_getche
fwprintf
_wputenv
swprintf
_umask
isalpha
_wsetlocale
strpbrk
_ecvt
strtol
_read
_strrev
_get_osfhandle
_mbsnbcpy
longjmp
_strnicoll
isalnum
strncmp
wctomb
_wopen

Sections

.text
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 403KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

602c43c4c4c3bd381ea706673714b4b4

Headers

File Characteristics

Imports

comdlg32

kernel32

oleaut32

user32

advapi32

ws2_32

msvcrt

Sections

.text Size: 359KB - Virtual size: 358KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 403KB - Virtual size: 403KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 359KB - Virtual size: 358KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 403KB - Virtual size: 403KB

.rsrc
Size: 60KB - Virtual size: 60KB