996027227125fb22486d3696fa7366d386a5470d1c23a58c79aeed16b99af1c9

Sharing

Copy URL Twitter E-mail

General

Target

996027227125fb22486d3696fa7366d386a5470d1c23a58c79aeed16b99af1c9
Size

254KB
MD5

2bb2194ab5ed08edd5c5de43570f408a
SHA1

8f153d0c6be48c6590b9feae2d76d7773632aac8
SHA256

996027227125fb22486d3696fa7366d386a5470d1c23a58c79aeed16b99af1c9
SHA512

6da4b836ae4a9ae062aed5470f39bec1954c87beefc9bc60278974a2b57c0a421c9e9e056be42fd12d36d81fffe430aee20893ff7664739b538bd28d0fd67806
SSDEEP

6144:Xv/6LDsI/GdzaXzWPNpqZcnHb6XVOGAKjQFJ6U9Il:XvOGSa2Z4Wl0QQP6R

Score

N/A

Malware Config

Signatures

Files

996027227125fb22486d3696fa7366d386a5470d1c23a58c79aeed16b99af1c9
.exe windows x86

4302b18b23701efc94ff5007ded6d6fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegOpenKeyExA
RegCloseKey
RegSetValueExW
RegDeleteValueW

gdi32

GetTextExtentPoint32W
BitBlt
GetDeviceCaps
SelectObject
CreateICW
TextOutW
SetBkColor
CreateCompatibleBitmap
MoveToEx
GetPixel
GetTextMetricsW
DeleteObject

kernel32

SetThreadContext
HeapQueryInformation
TransactNamedPipe
CreateIoCompletionPort
CopyFileExA
UnmapViewOfFile
lstrcpynA
AssignProcessToJobObject
FlushViewOfFile
GetNamedPipeHandleStateA
SetCurrentDirectoryA
GetStringTypeA
HeapSetInformation
HeapWalk
GetEnvironmentStringsA
HeapFree
FileTimeToLocalFileTime
IsBadStringPtrA
InterlockedPopEntrySList
GetUserDefaultLangID
GetFileTime
HeapDestroy
CreateFileA
CallNamedPipeA
OpenThread
lstrcatA
HeapCompact
GetThreadSelectorEntry
SetThreadAffinityMask
GetUserDefaultUILanguage
SetFirmwareEnvironmentVariableA
HeapCreate
HeapLock
IsValidLocale
RegisterWaitForSingleObject
GetStringTypeExA
SetThreadPriority
SetThreadIdealProcessor
ReadFile
InterlockedPushEntrySList
lstrlenW
MapViewOfFile
RtlMoveMemory
WaitNamedPipeA
InterlockedFlushSList
GetCurrentProcessId
RegisterWaitForSingleObjectEx
lstrcatW
GetTickCount
ExitThread
HeapValidate
DosDateTimeToFileTime
VirtualAllocEx
LeaveCriticalSection
SetLastError
WaitForMultipleObjectsEx
HeapUnlock
GetThreadPriority
CreateThread
ConvertDefaultLocale
InitializeCriticalSection
lstrcmpiA
CreateNamedPipeA
RegisterWaitForInputIdle
FileTimeToSystemTime
SetThreadUILanguage
CreateFileMappingA
SetPriorityClass
CloseHandle
RtlFillMemory
GetSystemDefaultLangID
ConnectNamedPipe
SetFilePointer
HeapAlloc
EnterCriticalSection
FreeEnvironmentStringsA
WaitForMultipleObjects
GetThreadTimes
GetSystemTimes
SetThreadExecutionState
WriteFileEx
GetEnvironmentVariableA
GetSystemDefaultLCID

msvcrt

_except_handler3
_initterm
_cexit
time
__p__commode
_c_exit

user32

DrawMenuBar
SetCursor
SystemParametersInfoW
EndDialog
GetDlgItemInt
DialogBoxParamW
IsIconic
GetMessageW
EnableMenuItem
KillTimer
BeginPaint
GetDC
GetSystemMetrics
DispatchMessageW
LoadBitmapW
MessageBeep
WinHelpW
PostMessageW
SetCapture
LoadStringW
InvalidateRect
SendMessageW
EndPaint

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4302b18b23701efc94ff5007ded6d6fe

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

msvcrt

user32

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 76KB - Virtual size: 76KB

.rsrc Size: 8KB - Virtual size: 540KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 8KB - Virtual size: 540KB