da21c0020c121cfe29fbf283f985b58ec231b52c566f750244c5f6bed56c9682

Sharing

Copy URL Twitter E-mail

General

Target

da21c0020c121cfe29fbf283f985b58ec231b52c566f750244c5f6bed56c9682
Size

231KB
MD5

63d1ff942112542197e6c61e79e2eeb1
SHA1

fb06432fd8fdcf1c8da72d49c3e67fd8e8b7e794
SHA256

da21c0020c121cfe29fbf283f985b58ec231b52c566f750244c5f6bed56c9682
SHA512

3ade3751d38e21b513d25b7982e40fb99154abe8281ddd244b563b88b3b6234e54a7d7e0c04a2a03159cdc55ca91713cd4d46aeadc148d8924b9164c08991278
SSDEEP

6144:lHvKSL/bqV1OcGqZ6wra/3gxZq+M/0mocLl5UkLQwLA/7/aX3b3u2kpD1605dpM:BCSrG/dta/3d05j

Score

N/A

Malware Config

Signatures

Files

da21c0020c121cfe29fbf283f985b58ec231b52c566f750244c5f6bed56c9682
.exe windows x86

8acb55528a9663fbf9a22d344a729ce3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAccessAllowedAce
DeregisterEventSource
FreeSid
GetLengthSid
AllocateAndInitializeSid
InitializeAcl
InitializeSecurityDescriptor
OpenSCManagerW
OpenServiceW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegisterEventSourceW
RegisterServiceCtrlHandlerW
ReportEventW
ChangeServiceConfigW
SetSecurityDescriptorDacl
SetServiceStatus
StartServiceCtrlDispatcherW
CloseServiceHandle

ntdll

NtConnectPort
NtQueryInformationProcess
NtRequestWaitReplyPort
RtlCreateUserThread
RtlInitUnicodeString
RtlInitializeCriticalSection
RtlUnhandledExceptionFilter

user32

BeginPaint
DefWindowProcW
DeleteMenu
DestroyIcon
DestroyReasons
DestroyWindow
DialogBoxParamW
DispatchMessageW
DisplayExitWindowsWarnings
DrawTextExW
DrawTextW
EnableMenuItem
EnableWindow
EndDialog
EndPaint
BuildReasonArray
EnumWindows
FillRect
FindWindowW
GetAsyncKeyState
GetClientRect
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemTextW
GetFocus
CallWindowProcW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetParent
GetSysColor
GetSystemMenu
GetSystemMetrics
GetThreadDesktop
GetUserObjectInformationW
GetWindow
GetWindowLongA
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InvalidateRect
IsChild
IsDialogMessageW
IsDlgButtonChecked
IsWindowEnabled
IsWindowVisible
KillTimer
CharNextW
LoadCursorW
LoadImageW
LoadStringA
LoadStringW
MapDialogRect
MapWindowPoints
MoveWindow
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
OffsetRect
AllowSetForegroundWindow
OpenDesktopW
OpenInputDesktop
PeekMessageW
PostMessageW
ReasonCodeNeedsBugID
ReasonCodeNeedsComment
RecordShutdownReason
RegisterClassExW
ReleaseDC
CheckDlgButton
SendDlgItemMessageW
SendMessageTimeoutW
SendMessageW
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetRect
SetThreadDesktop
SetTimer
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SwitchDesktop
SystemParametersInfoW
CloseDesktop
TrackMouseEvent
TranslateMessage
UnregisterClassW
UpdateWindow
WinHelpW
wsprintfW
CopyRect
CreateDialogParamW
CreateIconIndirect
CreateWindowExW

kernel32

CreateThread
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
ExitProcess
FileTimeToSystemTime
FindFirstFileA
FindResourceA
FindResourceExA
FlushFileBuffers
FlushInstructionCache
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileSize
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
CloseHandle
GetThreadLocale
GetTickCount
GetTimeFormatA
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
IsDBCSLeadByte
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFree
LocalLock
LocalUnlock
LockResource
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
ResetEvent
ResumeThread
RtlUnwind
CreateEventA
CreateFileA
SetEndOfFile
SetEvent
CreateFileMappingA
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
CreateMutexA
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW

gdi32

DeleteDC
DeleteObject
BitBlt
FillRgn
CombineRgn
GetCharWidth32W
GetCurrentObject
GetDeviceCaps
GetObjectW
GetStockObject
CreateCompatibleBitmap
CreateCompatibleDC
LineTo
MoveToEx
Rectangle
SelectObject
SetBkMode
SetRectRgn
SetTextColor
CreateFontIndirectW
CreatePen
CreateRectRgn
CreateSolidBrush

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8acb55528a9663fbf9a22d344a729ce3

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

ntdll

user32

kernel32

gdi32

comdlg32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 17KB - Virtual size: 32KB

.reloc Size: 16KB - Virtual size: 16KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 17KB - Virtual size: 32KB

.reloc
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 10KB - Virtual size: 12KB