340a25d37e81c119fbfdbdde804d5ef34c95635f6be640bf40524d1933ca9a65

Sharing

Copy URL

Twitter E-mail

General

Target

340a25d37e81c119fbfdbdde804d5ef34c95635f6be640bf40524d1933ca9a65
Size

162KB
MD5

d39251bdb02932431f9871b75e53d3a4
SHA1

382ccedff60de737fdf5da520977ed95643b7dbe
SHA256

340a25d37e81c119fbfdbdde804d5ef34c95635f6be640bf40524d1933ca9a65
SHA512

0b732c9b28ab3afee3d3f661fb635191e2df1a5408d8224f2dd52c5a6b7ab4fd39af1b0067ddea0cb33d6ab7428f34870f70d7b9294833ab6a854949596a6202
SSDEEP

384:i9HIG64FDtjN1TTTTrTTTTTTTTTTTTTTTTTTTTTTTTTTTTtO7pXwxe5ymTTTTTTm:iVfX5a7LmGvpJdShy

Score

N/A

Malware Config

Signatures

Files

340a25d37e81c119fbfdbdde804d5ef34c95635f6be640bf40524d1933ca9a65
.exe windows x86

41dcf42d35fa4c9935b7bbca6ca414bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
DuplicateHandle
ExitThread
ExpandEnvironmentStringsW
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
HeapAlloc
HeapFree
LoadLibraryA
LocalFree
LocalLock
LocalUnlock
CreateProcessW
MoveFileExA
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
ReleaseMutex
SetErrorMode
SetEvent
SetFilePointer
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
lstrcatA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
CreateProcessA
CreateMutexA
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventA
CopyFileW
CloseHandle
GetCurrentThread
LocalAlloc
GetStartupInfoA
VirtualAlloc
MapViewOfFile
ReadFile

user32

DefWindowProcW
DestroyWindow
DispatchMessageA
DefWindowProcA
DrawFocusRect
DrawIcon
DrawTextA
DrawTextW
EnableWindow
EndPaint
FillRect
FindWindowA
FindWindowExA
FindWindowExW
FindWindowW
GetClientRect
GetDC
GetDesktopWindow
GetDlgItem
GetFocus
GetLastActivePopup
GetMessageA
GetParent
GetProcessWindowStation
GetThreadDesktop
GetUserObjectInformationW
GetWindowLongA
GetWindowRect
InvalidateRect
IsDialogMessageA
IsIconic
IsWindowEnabled
IsWindowVisible
KillTimer
LoadCursorA
LoadStringA
LoadStringW
MapWindowPoints
MessageBoxA
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
OpenIcon
PeekMessageA
PostMessageA
PostQuitMessage
RedrawWindow
RegisterClassA
RegisterClassW
RegisterWindowMessageA
RegisterWindowMessageW
ReleaseDC
SendMessageA
SendMessageW
SetCursor
SetFocus
SetForegroundWindow
SetRect
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowTextW
ShowWindow
SystemParametersInfoA
TranslateMessage
UpdateWindow
WinHelpA
WinHelpW
wsprintfA
wsprintfW
DefDlgProcW
DefDlgProcA
CreateWindowExW
CreateWindowExA
CreateDialogParamW
CreateDialogParamA
CallWindowProcW
BringWindowToTop
BeginPaint
AttachThreadInput
GetSysColor
GetSystemMetrics
LoadIconA
DrawAnimatedRects

gdi32

DeleteObject
GetObjectA
GetTextExtentPointA
GetTextExtentPointW
CreateFontIndirectW
SaveDC
SelectObject
SetBkColor
SetTextColor
RestoreDC
CreateFontIndirectA

advapi32

RegOpenKeyW

ole32

StringFromGUID2
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance
CLSIDFromString

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msvcrt

exit
_initterm
_exit
free
_controlfp
_cexit
_c_exit
malloc
sprintf
_except_handler3
__p__commode
_XcptFilter
__getmainargs
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data2
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data15
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data14
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data13
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data12
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data25
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data24
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data23
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data22
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data21
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data20
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data19
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data18
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data17
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data16
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data11
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data10
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data9
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data8
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text3
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 805KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41dcf42d35fa4c9935b7bbca6ca414bf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

version

msvcrt

Sections

.text Size: 33KB - Virtual size: 32KB

.data2 Size: 1024B - Virtual size: 548B

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 12KB

.data15 Size: 2KB - Virtual size: 1KB

.data14 Size: 2KB - Virtual size: 1KB

.data13 Size: 2KB - Virtual size: 1KB

.data12 Size: 3KB - Virtual size: 2KB

.data25 Size: 1024B - Virtual size: 548B

.data24 Size: 1024B - Virtual size: 548B

.data23 Size: 1024B - Virtual size: 548B

.data22 Size: 1024B - Virtual size: 548B

.data21 Size: 1024B - Virtual size: 548B

.data20 Size: 1024B - Virtual size: 548B

.data19 Size: 1024B - Virtual size: 548B

.data18 Size: 1024B - Virtual size: 548B

.data17 Size: 1024B - Virtual size: 548B

.data16 Size: 1024B - Virtual size: 548B

.data11 Size: 1024B - Virtual size: 548B

.data10 Size: 1024B - Virtual size: 548B

.data9 Size: 1024B - Virtual size: 548B

.data8 Size: 1024B - Virtual size: 548B

.data7 Size: 1024B - Virtual size: 548B

.data6 Size: 1024B - Virtual size: 548B

.data5 Size: 1024B - Virtual size: 548B

.data4 Size: 1024B - Virtual size: 548B

.data3 Size: 15KB - Virtual size: 15KB

.text3 Size: 49KB - Virtual size: 48KB

.text2 Size: 15KB - Virtual size: 15KB

.rsrc Size: 2KB - Virtual size: 805KB

.text
Size: 33KB - Virtual size: 32KB

.data2
Size: 1024B - Virtual size: 548B

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 12KB

.data15
Size: 2KB - Virtual size: 1KB

.data14
Size: 2KB - Virtual size: 1KB

.data13
Size: 2KB - Virtual size: 1KB

.data12
Size: 3KB - Virtual size: 2KB

.data25
Size: 1024B - Virtual size: 548B

.data24
Size: 1024B - Virtual size: 548B

.data23
Size: 1024B - Virtual size: 548B

.data22
Size: 1024B - Virtual size: 548B

.data21
Size: 1024B - Virtual size: 548B

.data20
Size: 1024B - Virtual size: 548B

.data19
Size: 1024B - Virtual size: 548B

.data18
Size: 1024B - Virtual size: 548B

.data17
Size: 1024B - Virtual size: 548B

.data16
Size: 1024B - Virtual size: 548B

.data11
Size: 1024B - Virtual size: 548B

.data10
Size: 1024B - Virtual size: 548B

.data9
Size: 1024B - Virtual size: 548B

.data8
Size: 1024B - Virtual size: 548B

.data7
Size: 1024B - Virtual size: 548B

.data6
Size: 1024B - Virtual size: 548B

.data5
Size: 1024B - Virtual size: 548B

.data4
Size: 1024B - Virtual size: 548B

.data3
Size: 15KB - Virtual size: 15KB

.text3
Size: 49KB - Virtual size: 48KB

.text2
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 2KB - Virtual size: 805KB