b16c24d0b9b329bd38e6fcd22eff2125016e52ce6dde379a4b9ed1d52b3704b1

Sharing

Copy URL Twitter E-mail

General

Target

b16c24d0b9b329bd38e6fcd22eff2125016e52ce6dde379a4b9ed1d52b3704b1
Size

168KB
MD5

9d71c68a6ebed279d009bbf0b1bfe6ba
SHA1

99ed6a31abfa23dd6114eaf621622432f6c89698
SHA256

b16c24d0b9b329bd38e6fcd22eff2125016e52ce6dde379a4b9ed1d52b3704b1
SHA512

189f8165d96dfb5b774fb617666e780af559202c8d5afb81656aafc5a83b740a6aff5b398286a815f645e3f0ac988d7bbbf4742d8f0560ccd3f2447772da6265
SSDEEP

3072:t/GmqimPc+YwmJTt6BwwS8amsEC3biZa7UM5TETUQK55ix0M4dJ/f36pckN5gQmo:taimPjbk6xzC317UWTETy55m07tf361J

Score

N/A

Malware Config

Signatures

Files

b16c24d0b9b329bd38e6fcd22eff2125016e52ce6dde379a4b9ed1d52b3704b1
.exe windows x86

38bfa307a4a7f4af90147a182493c8a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
SetConsoleCtrlHandler
SetStdHandle
GetOEMCP
GetACP
SetFilePointer
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
GetCurrentThread
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleFileNameA
FatalAppExitA
ExitProcess
GetVersion
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
MultiByteToWideChar
LoadLibraryA
GetModuleHandleA
GetVersionExA
ConnectNamedPipe
ReadFile
WriteFile
FlushFileBuffers
DisconnectNamedPipe
OutputDebugStringW
CreateFileW
PulseEvent
lstrcmpiW
TerminateThread
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetSystemDirectoryW
GetCurrentThreadId
GetVersionExW
InitializeCriticalSection
CreateEventW
WaitForMultipleObjects
ResetEvent
DeleteCriticalSection
GetCurrentProcess
GetUserDefaultLangID
GetThreadLocale
OpenEventW
SetEvent
GetSystemPowerStatus
LocalAlloc
LocalFree
FormatMessageW
lstrlenW
SetLastError
FreeLibrary
CreateThread
EnterCriticalSection
LeaveCriticalSection
GetTickCount
lstrcmpW
WaitForSingleObject
CloseHandle
lstrcatW
Sleep
GetModuleHandleW
lstrcpyW
GetLastError
LoadLibraryW
GetProcAddress
CreateProcessW
lstrcpynW

user32

SystemParametersInfoW
GetWindowRect
UnregisterDeviceNotification
RegisterDeviceNotificationW
EnumDisplayDevicesW
PostQuitMessage
KillTimer
DefWindowProcW
SetTimer
RegisterClassExW
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
CloseWindow
PostThreadMessageW
GetWindowThreadProcessId
GetThreadDesktop
SetThreadDesktop
RegisterWindowMessageW
OpenWindowStationW
SetProcessWindowStation
BroadcastSystemMessageW
ExitWindowsEx
GetLastInputInfo
OpenInputDesktop
OpenDesktopW
GetUserObjectInformationW
CloseDesktop
MonitorFromWindow
EqualRect
GetDesktopWindow
wsprintfW
ChangeDisplaySettingsExW
GetTopWindow
GetWindow
GetClassNameW
PostMessageW
EnumDisplaySettingsW
IsRectEmpty
FindWindowExW
GetCursorPos
GetForegroundWindow
SetCursorPos
SendMessageW
SetWindowPos
GetDC
ReleaseDC
SubtractRect
InvalidateRect
GetSystemMetrics
IntersectRect
FindWindowW

gdi32

CreateDCA
CreateDCW
ExtEscape
DeleteDC

advapi32

CreateProcessAsUserW
RegEnumValueW
ConvertStringSidToSidW
FreeSid
RegisterServiceCtrlHandlerW
SetServiceStatus
AllocateAndInitializeSid
SetEntriesInAclW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
StartServiceCtrlDispatcherW
RegSetKeySecurity
RegQueryInfoKeyW
RegEnumKeyExW
IsValidSid
RegGetKeySecurity
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetAce
GetLengthSid
InitializeAcl
AddAccessAllowedAceEx
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
OpenServiceW
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerW
CreateServiceW
CloseServiceHandle
RegOverridePredefKey
GetTokenInformation
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

userenv

LoadUserProfileW
UnloadUserProfile

powrprof

CallNtPowerInformation

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38bfa307a4a7f4af90147a182493c8a0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

userenv

powrprof

setupapi

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 24KB - Virtual size: 48KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 24KB - Virtual size: 48KB

.rsrc
Size: 4KB - Virtual size: 4KB