aff1dec6c3b955fe928435e5f008d5725f24b9006fb93dc90b6930892f39c80c

Sharing

Copy URL Twitter E-mail

General

Target

aff1dec6c3b955fe928435e5f008d5725f24b9006fb93dc90b6930892f39c80c
Size

498KB
MD5

3c5aca7416bf17637f7ef81ef4b13bf9
SHA1

ca8121254e015a58986257716b051e3e3aae299a
SHA256

aff1dec6c3b955fe928435e5f008d5725f24b9006fb93dc90b6930892f39c80c
SHA512

ceb422d3d10f83c3ee978952ab83dfebd15e80401e98c882047faa11c88954650eba303054b050efa27c66798aac6f90a004b98f87aa94b20cce4999d574c13b
SSDEEP

12288:CFEcNolkouUzcl9tP+XxKDMSIe8eBh9bscSGRQz9W1JDOUFbWI6:CrguUzcl9t2hI1nP3vQ41JDOUFbWI6

Score

N/A

Malware Config

Signatures

Files

aff1dec6c3b955fe928435e5f008d5725f24b9006fb93dc90b6930892f39c80c
.exe windows x86

0764989fddf675784b95a403774e389c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_APPCONTAINER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

LoadLibraryW
GetProcessHeap
SetEndOfFile
LCMapStringW
WriteConsoleW
SetStdHandle
FlushFileBuffers
HeapReAlloc
GetStringTypeW
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
ReadFile
MultiByteToWideChar
ReadConsoleInputA
GetFileType
InitializeCriticalSectionAndSpinCount
Sleep
HeapCreate
GetModuleFileNameW
ExitProcess
InterlockedDecrement
GetCurrentThreadId
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
IsProcessorFeaturePresent
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
GetLastError
CreateFileA
SetFilePointer
WriteFile
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetStdHandle
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
SetConsoleCursorPosition
lstrcatA
GetProcAddress
lstrcpyA
GetEnvironmentStrings
FreeEnvironmentStringsA
SetEvent
WaitForMultipleObjects
WaitForSingleObject
LoadLibraryA
SetConsoleWindowInfo
SetConsoleScreenBufferSize
GetConsoleWindow
FreeLibrary
GetSystemDirectoryA
RtlUnwind
RaiseException
OutputDebugStringA
FormatMessageA
lstrlenA
SetHandleCount
FlushConsoleInputBuffer
SetCurrentDirectoryA
DeleteCriticalSection
CreateFileW

user32

GetCursorPos
AppendMenuA
TrackPopupMenu
GetWindowPlacement
CreatePopupMenu
SetForegroundWindow
SetWindowTextW
GetForegroundWindow
GetMenu
CallWindowProcA
GetMenuItemCount
CloseClipboard
SetClipboardData
SetFocus
EmptyClipboard
OpenClipboard
GetSystemMetrics
IsIconic
GetKeyNameTextA
ToAscii
MapVirtualKeyA
GetKeyboardState
GetKeyState
SetWindowsHookExA
EndDialog
GetDlgItemTextA
SystemParametersInfoA
CopyImage
IsWindowEnabled
SetDlgItemTextA
SetMenuItemInfoA
SendMessageA
GetParent
GetClassInfoW
RegisterClassW
BeginPaint
EndPaint
DefWindowProcA
GetWindowLongA
GetClientRect
LoadCursorA
LoadIconA
SetWindowTextA
CreateWindowExA
MapDialogRect
GetDlgItem
wsprintfA
DestroyWindow
PostQuitMessage
LoadImageA
GetDC
ReleaseDC
GetFocus
MessageBoxA
TranslateMessage
PeekMessageA
DispatchMessageA
GetWindowRect
SetWindowPos
ShowWindow
SetWindowLongA
SetWindowRgn
GetDesktopWindow
RedrawWindow
MapWindowPoints
OffsetRect

gdi32

BitBlt
CreateFontIndirectA
CreateRectRgnIndirect
SetMapMode
GetStockObject
TextOutW
MoveToEx
LineTo
CreateColorSpaceA
CreateCompatibleDC
SelectObject
GetObjectA
CreateCompatibleBitmap
DeleteDC
SaveDC
GetDeviceCaps
CreateFontA
TextOutA
DeleteObject
RestoreDC
GetTextExtentPoint32A

comdlg32

FindTextA

advapi32

RegSetValueExA
RegCreateKeyA
RegCloseKey

shell32

SHGetFolderPathW

ole32

CreateBindCtx
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromProgID
OleUninitialize
CoGetInterfaceAndReleaseStream
CoUnmarshalInterface
OleFlushClipboard
OleGetClipboard
CoInitializeEx
CreateStreamOnHGlobal
OleInitialize
OleSetClipboard
OleIsCurrentClipboard
CoMarshalInterface
GetHGlobalFromStream
CoMarshalInterThreadInterfaceInStream

oleaut32

OleLoadPicture

ws2_32

WSAStartup

shlwapi

StrChrA

comctl32

ord17
InitCommonControlsEx

secur32

QueryContextAttributesA
FreeContextBuffer
QuerySecurityPackageInfoA

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
ImmSetOpenStatus

uxtheme

SetThemeAppProperties

msi

ord124
ord103
ord121
ord8
ord64
ord17

snmpapi

SnmpUtilAsnAnyCpy

sensapi

IsNetworkAlive

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relob
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0764989fddf675784b95a403774e389c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

shlwapi

comctl32

secur32

imm32

uxtheme

msi

snmpapi

sensapi

Sections

.text Size: 83KB - Virtual size: 82KB

.rdata Size: 299KB - Virtual size: 298KB

.data Size: 8KB - Virtual size: 16KB

.relob Size: 1KB - Virtual size: 1KB

.rsrc Size: 97KB - Virtual size: 97KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 83KB - Virtual size: 82KB

.rdata
Size: 299KB - Virtual size: 298KB

.data
Size: 8KB - Virtual size: 16KB

.relob
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 97KB - Virtual size: 97KB

.reloc
Size: 8KB - Virtual size: 8KB