1b14ea1308d707bdc578bdacedaeccf1a230601e294d2eb27c44cddba97d2a1a

Sharing

Copy URL Twitter E-mail

General

Target

1b14ea1308d707bdc578bdacedaeccf1a230601e294d2eb27c44cddba97d2a1a
Size

255KB
MD5

14611b57949764ea8067362a1afe2f40
SHA1

6f06d075e7c7d1b98ae2e5208324a723e81ce6e3
SHA256

1b14ea1308d707bdc578bdacedaeccf1a230601e294d2eb27c44cddba97d2a1a
SHA512

a321edc745aca1a96f8d6865fee1e2d4e76d1638938f2be2bbd4a91d4b4acbc063e497be2e72210a8a9d7bed8df1ea1ff1a779de28ac3baf6db3ca2d0866c5f7
SSDEEP

3072:MKLLgoaeiicVOYwdqpayMB7lMIK30XTBFzmWSUBd5UKoW23F+kmLLiE:MtoZYwd4GD7DBFfVG

Score

N/A

Malware Config

Signatures

Files

1b14ea1308d707bdc578bdacedaeccf1a230601e294d2eb27c44cddba97d2a1a
.exe windows x86

60ad80c89de58398bb2a99a4b6aaeb29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
GetCurrentDirectoryW
FreeLibrary
GetLastError
CreateProcessW
CreateFileW
GetModuleFileNameW
GetModuleHandleW
GetPrivateProfileIntW
GetProcAddress
GlobalAlloc
LoadLibraryA
LoadLibraryW
GetOEMCP
VirtualAlloc
GetStartupInfoW
CreateFileA
GetStartupInfoA
lstrlenW
SetLastError
SetCurrentDirectoryW
RemoveDirectoryW
OutputDebugStringA
CloseHandle
LocalFree
FindClose
LocalAlloc

user32

ReleaseDC
SendMessageW
SetCursor
SetForegroundWindow
SetMessageQueue
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
TranslateMessage
WaitMessage
DispatchMessageA
GetMessageA
UpdateWindow
CreateWindowExA
RegisterClassExA
ValidateRect
wsprintfA
ScrollWindow
PostMessageW
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
LoadAcceleratorsW
IsDlgButtonChecked
GetWindowTextW
GetWindowRect
GetWindowLongW
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetParent
GetMessageW
GetLastActivePopup
GetDlgItem
GetDlgCtrlID
GetDC
GetClientRect
GetClassInfoW
FindWindowW
FillRect
ExitWindowsEx
EndDialog
EnableWindow
DispatchMessageW
DialogBoxParamW
DestroyWindow
DefWindowProcW
CheckRadioButton
CheckDlgButton
CharPrevW
CharNextW
CallWindowProcW
BringWindowToTop
MoveWindow

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
DPtoLP
DeleteDC
DeleteObject
GetDeviceCaps
GetMapMode
GetObjectW
GetStockObject
GetTextMetricsW
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextColor
StretchBlt
TextOutA
CreateBitmap

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegCreateKeyW
RegDeleteValueW
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegQueryValueW
RegSetValueExW

msvcrt

_except_handler3
_vsnwprintf
_wmakepath
_wsplitpath
_wtoi
free
malloc
memmove
setlocale
swscanf

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60ad80c89de58398bb2a99a4b6aaeb29

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 221KB - Virtual size: 221KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 221KB - Virtual size: 221KB

.reloc
Size: 2KB - Virtual size: 1KB