856fd0bd387d5c9677143f34ac5caaef0a27e71016b95f0dbf7785b6d5e625f9

Sharing

Copy URL Twitter E-mail

General

Target

856fd0bd387d5c9677143f34ac5caaef0a27e71016b95f0dbf7785b6d5e625f9
Size

233KB
MD5

3e423db8e043d4a5d7bf418a60af0afb
SHA1

09c6beae395c3e3312d71daecf49203d94ccbd16
SHA256

856fd0bd387d5c9677143f34ac5caaef0a27e71016b95f0dbf7785b6d5e625f9
SHA512

d286aa6b4f12cbf05cc37960cee24cf402a64f094d2ee48970d9fa1552e8cd9e8bec6663feaa0d39e37eda956923091793f77d01f5ffc79919c785d99e1be604
SSDEEP

6144:1PuO5kDu1NGO18jA9xYRMCVxthwmjVmqvQKIibq3D:Np5kDuPGO1nxkjVmqvQKI

Score

N/A

Malware Config

Signatures

Files

856fd0bd387d5c9677143f34ac5caaef0a27e71016b95f0dbf7785b6d5e625f9
.exe windows x86

a134fd944418a232adc322238de0c264

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetMapMode
GdiComment
GetNearestPaletteIndex
TranslateCharsetInfo
SetPixelFormat
GetCharacterPlacementA
CloseMetaFile
CreateDIBSection
SelectPalette
CreateCompatibleBitmap
SetPixel
ExtTextOutA
EnumFontsA
GetTextCharacterExtra
GetDIBColorTable
PtVisible
CreatePolygonRgn
GetWindowExtEx
StretchDIBits

advapi32

OpenServiceA
GetLengthSid
GetExplicitEntriesFromAclW
CryptReleaseContext
GetSidSubAuthorityCount
InitiateSystemShutdownW
SetThreadToken
RegSetValueA
RegLoadKeyW
LookupAccountSidA
RegisterServiceCtrlHandlerA
SetEntriesInAclA
OpenEventLogW
RegEnumValueW
GetAclInformation
GetNamedSecurityInfoW
BuildSecurityDescriptorW
AccessCheck
CryptSetHashParam
ChangeServiceConfigA
AbortSystemShutdownA
QueryServiceLockStatusW
SetTokenInformation
CryptGetUserKey
RegisterEventSourceW
EqualSid
CreateServiceA
GetAce
RegConnectRegistryW
CryptCreateHash
SetNamedSecurityInfoA
CryptSignHashW
SetKernelObjectSecurity
CloseServiceHandle
CryptGenRandom
OpenProcessToken
SetServiceStatus
RegUnLoadKeyW

version

VerFindFileA

user32

SetScrollRange
CharUpperW
SetFocus
MessageBoxA
GetDlgItem
SendMessageA
CreateDialogIndirectParamA
InvertRect
LoadCursorA
CreateAcceleratorTableW
CreateIconIndirect
CharNextW
LoadKeyboardLayoutW
DrawIconEx
GetMenuItemRect
RedrawWindow
RegisterClassExA
KillTimer
SetWindowsHookW
GetKeyboardType
PostThreadMessageW
GetGuiResources

kernel32

GetTapeStatus
ConnectNamedPipe
SetEndOfFile
CloseHandle
SetProcessWorkingSetSize
WritePrivateProfileSectionA
GetDriveTypeA
FindCloseChangeNotification
WaitNamedPipeA
GlobalUnlock
ReadDirectoryChangesW
GetLargestConsoleWindowSize
ReleaseMutex
PurgeComm
GetStringTypeExW
DosDateTimeToFileTime
DebugBreak
SearchPathW
CompareStringA
FindFirstFileExW
GetCurrentProcess
SetCommTimeouts
UnhandledExceptionFilter
GetTickCount
ExitProcess
VirtualAlloc
GetCommandLineA
GetOEMCP
LoadLibraryExA
GetComputerNameW
FlushConsoleInputBuffer
WriteConsoleOutputCharacterA
GetCurrentProcessId
LeaveCriticalSection
FindResourceExA
GetStartupInfoA
SetProcessShutdownParameters
FormatMessageA
VirtualQueryEx
OutputDebugStringW
EnumDateFormatsW
VirtualAllocEx
LocalLock
GlobalReAlloc
GetShortPathNameW
FindResourceExW
WritePrivateProfileStructA
ReadFile
GlobalFree
_lclose
SizeofResource
GetNumberFormatW
SetConsoleOutputCP
LoadLibraryExW
_lread
CreateNamedPipeW
GetTempFileNameA
FillConsoleOutputCharacterA
ClearCommBreak
_lopen
OpenFile
WriteProcessMemory
DeleteCriticalSection
PulseEvent
lstrcpyA
VirtualLock

shell32

DragQueryPoint
SHChangeNotify
SHGetSpecialFolderLocation
Shell_NotifyIconA
ShellExecuteA

oleaut32

LoadTypeLi
SafeArrayGetElement
SafeArrayCreate
VariantCopy
LoadTypeLibEx

ole32

OleCreate
GetRunningObjectTable
PropVariantCopy
OleRegGetUserType
CLSIDFromString
CoQueryProxyBlanket
CreateOleAdviseHolder

ws2_32

WSAConnect
WSASetLastError
WSAHtons
WSASocketW
WSAAsyncGetHostByName

msvcrt

_wgetenv
sscanf
_filelength
_mbslen
_pctype
_ltoa
_sys_errlist
vwprintf
_stricoll
wcscmp
__p__environ
_wcsnicmp
_ultow
mbtowc
_ecvt
_ui64tow
__doserrno
localtime
ftell
puts
_strlwr
strstr
_strnicoll
isxdigit
__p___argc
clock
_wspawnv
_endthreadex
_kbhit
_ismbcspace
fflush
_i64tow
_mbscmp
ungetc
wctomb
_wopen
_wtoi64
vfprintf
__p___argv
strtod
vfwprintf
isalnum
_wfullpath

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a134fd944418a232adc322238de0c264

Headers

File Characteristics

Imports

gdi32

advapi32

version

user32

kernel32

shell32

oleaut32

ole32

ws2_32

msvcrt

Sections

.text Size: 200KB - Virtual size: 200KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 26KB - Virtual size: 25KB

.text
Size: 200KB - Virtual size: 200KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 26KB - Virtual size: 25KB