625a1d5a6489f246238e03d52a0fbab3c7b64f5d351b92c9404c4920cf3d819b

Sharing

Copy URL Twitter E-mail

General

Target

625a1d5a6489f246238e03d52a0fbab3c7b64f5d351b92c9404c4920cf3d819b
Size

115KB
MD5

1c4be8a3a3f220c2137843a2818a75b0
SHA1

474af46deedec31c3830567e1125a83082da51d0
SHA256

625a1d5a6489f246238e03d52a0fbab3c7b64f5d351b92c9404c4920cf3d819b
SHA512

c9b5fe6b2f2b68f4cebfec68e98854b6b6c6bb7df5f77c013217ea125c5e2e243b6832b4550a719aeb2172f5dff33a20bb61e187f57cb74b65b71e572b94ed51
SSDEEP

3072:w0p4N4uqwrImmrT4qTaI6e1fV1XZ6GNaR:w+uqBT44t6KXNaR

Score

N/A

Malware Config

Signatures

Files

625a1d5a6489f246238e03d52a0fbab3c7b64f5d351b92c9404c4920cf3d819b
.exe windows x86

ff04b048657fe52eccd7eb85da9cc6d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ord17

kernel32

LocalAlloc
FindClose
FindNextFileW
FindFirstFileW
LocalFree
UnmapViewOfFile
IsValidLanguageGroup
ExpandEnvironmentStringsW
lstrcatW
SetFilePointer
ReadFile
GetLastError
InterlockedDecrement
CreateFileW
GlobalUnlock
lstrcmpiW
GetACP
GetProfileIntW
LoadLibraryW
FreeLibrary
GetFileSize
CreateFileMappingW
CloseHandle
MapViewOfFile
GetStringTypeW
GetCPInfo
IsDBCSLeadByteEx
GetSystemDirectoryW
WriteProfileStringW
GetProfileStringW
CompareStringW
EnumSystemCodePagesW
IsValidCodePage
FindResourceW
LoadResource
LockResource
FreeResource
lstrcmpW
GlobalAlloc
GlobalFree
lstrcpyW
GetThreadLocale
MulDiv
MultiByteToWideChar
WideCharToMultiByte
lstrcpynW
GetWindowsDirectoryW
GetLocaleInfoW
GlobalLock
lstrlenW
FlushFileBuffers
SetStdHandle
InterlockedIncrement
GetStringTypeA
LCMapStringW
LCMapStringA
WriteFile
RtlUnwind
VirtualAlloc
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetEnvironmentStringsW
GetEnvironmentStrings
GetOEMCP
FreeEnvironmentStringsA
GetModuleFileNameA
FreeEnvironmentStringsW
GetCurrentProcess
TerminateProcess
UnhandledExceptionFilter
HeapReAlloc
HeapFree
HeapAlloc
GetVersion
GetCommandLineA
ExitProcess
GetModuleHandleA
LoadLibraryA
GetStartupInfoA
GetProcAddress

ole32

DoDragDrop
OleInitialize
OleUninitialize
CoGetMalloc

getuname

GetUName

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegEnumValueW

gdi32

GetTextExtentPoint32W
GetCharWidth32W
EnumFontFamiliesExW
GetFontData
CreateDIBitmap
GetObjectW
GetTextAlign
SetTextAlign
GetTextExtentPointW
BitBlt
PatBlt
GetStockObject
ExtTextOutW
CreatePen
MoveToEx
LineTo
GetDeviceCaps
CreateFontIndirectW
DeleteDC
CreateCompatibleDC
SetTextColor
SetBkMode
CreateCompatibleBitmap
CreateSolidBrush
SelectObject
GetTextMetricsW
TextOutW
SetBkColor
UnrealizeObject
TranslateCharsetInfo
CreateFontW
DeleteObject

user32

EnumChildWindows
WinHelpW
GetWindowTextLengthW
ReleaseDC
CreateWindowExW
SendMessageW
GetDC
EndPaint
FillRect
GetSysColor
GetSystemMetrics
BeginPaint
PostQuitMessage
GetAsyncKeyState
ValidateRect
GetMessageTime
GetCursorPos
WindowFromPoint
ShowCursor
GetUpdateRect
SetCapture
SetTimer
GetWindowRect
GetClientRect
DefWindowProcW
wsprintfW
PtInRect
MapWindowPoints
GetParent
GetWindowDC
MoveWindow
SetScrollPos
DrawFocusRect
SetScrollRange
GetDesktopWindow
IsWindowEnabled
SetWindowTextW
GetDlgCtrlID
CallWindowProcW
PostMessageW
SetScrollInfo
GetScrollInfo
UnregisterClassW
RegisterClipboardFormatW
DestroyWindow
GetKeyboardLayout
ScreenToClient
EnableWindow
ClientToScreen
LoadStringW
GetMessagePos
InvalidateRect
SetDlgItemTextW
GetDlgItemTextW
SendDlgItemMessageW
GetFocus
GetWindowTextW
SetWindowLongW
GetClassNameW
GetWindowLongW
UpdateWindow
CreateDialogParamW
ShowWindow
LoadCursorW
GetDlgItem
DispatchMessageW
LoadIconW
RegisterClassW
GetMessageW
IsDialogMessageW
TranslateMessage
ReleaseCapture
KillTimer
DefDlgProcW
SetFocus

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff04b048657fe52eccd7eb85da9cc6d9

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

ole32

getuname

advapi32

gdi32

user32

Sections

.text Size: 66KB - Virtual size: 65KB

.data Size: 10KB - Virtual size: 147KB

.rsrc Size: 37KB - Virtual size: 36KB

.text
Size: 66KB - Virtual size: 65KB

.data
Size: 10KB - Virtual size: 147KB

.rsrc
Size: 37KB - Virtual size: 36KB