ce3872e96b577f3bc286109996676c6da87e1365a6531cff8bb6a92be7ac2edd

Sharing

Copy URL

Twitter E-mail

General

Target

ce3872e96b577f3bc286109996676c6da87e1365a6531cff8bb6a92be7ac2edd
Size

229KB
MD5

fcdeddd85694bbf85d52fc349cde4576
SHA1

4e608f2f9ca7c6c2ec939de8c776eccd3b6d6db2
SHA256

ce3872e96b577f3bc286109996676c6da87e1365a6531cff8bb6a92be7ac2edd
SHA512

198a7c19364ae8e4af6f985306a475cea65d88e17b008a81573edb1357c1498acdfe87b2761c40e8f6f02ee7d83d95b701a70c78d68d2e75e1a0b6d18654204d
SSDEEP

3072:LmboW4h7zWSWJvPPdinDKVOjlo2LFeyINaJW9yHkS3RKGvF11miyJiMk:6bovgSWJFJ21JI78HkSAGnWJi

Score

N/A

Malware Config

Signatures

Files

ce3872e96b577f3bc286109996676c6da87e1365a6531cff8bb6a92be7ac2edd
.exe windows x86

d28a8a985f51a25e2543a2cf6411d996

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SwitchToThread
TerminateProcess
UnhandledExceptionFilter
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
CreateEventA
lstrcmpW
CreateSemaphoreA
CreateThread
DebugBreak
DeleteCriticalSection
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GetVersionExA
HeapAlloc
CloseHandle
HeapCreate
HeapDestroy
HeapFree
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSemaphore
ResetEvent
ResumeThread
RtlUnwind
SetEvent

user32

DialogBoxParamW
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextW
GetWindowLongW
GetWindowTextLengthW
LoadCursorW
MessageBoxW
SetCursor
SetFocus
SetWindowLongW
WinHelpW

gdi32

AbortDoc
ArcTo
DeleteDC
DeleteObject
EndDoc
EndPage
BitBlt
EnumFontFamiliesExW
EnumMetaFile
Escape
ExcludeClipRect
ExtCreatePen
ExtSelectClipRgn
ExtTextOutW
FillRgn
CombineRgn
GetBkColor
GetCharWidthW
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetDCOrgEx
GetDeviceCaps
CopyMetaFileW
CreateBitmap
GetMapMode
GetObjectType
GetObjectW
CreateBrushIndirect
GetPixel
GetStockObject
GetTextColor
GetTextExtentPoint32W
CreateCompatibleBitmap
GetTextExtentPointW
GetTextFaceW
GetTextMetricsW
GetViewportExtEx
CreateCompatibleDC
GetWindowExtEx
IntersectClipRect
LineTo
MoveToEx
OffsetClipRgn
OffsetViewportOrgEx
CreateDCW
OffsetWindowOrgEx
PatBlt
PlayMetaFile
PlayMetaFileRecord
PolyBezierTo
PolyDraw
CreateDIBPatternBrushPt
PolylineTo
PtVisible
CreateDIBSection
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipPath
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetArcDirection
SetBkColor
SetBkMode
SetBrushOrgEx
SetColorAdjustment
SetMapMode
SetMapperFlags
SetPolyFillMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StartDocW
StartPage
StretchBlt
StretchDIBits
TextOutW
CreateFontIndirectW
CreateFontW
CreateHatchBrush
CreatePatternBrush
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DPtoLP

advapi32

AddAccessAllowedAceEx
DeregisterEventSource
GetLengthSid
GetTokenInformation
GetUserNameW
InitializeAcl
InitializeSecurityDescriptor
OpenProcessToken
OpenThreadToken
QueryTraceW
RegCloseKey
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegisterEventSourceW
RegisterServiceCtrlHandlerA
ReportEventA
ReportEventW
RevertToSelf
SetSecurityDescriptorDacl
SetServiceStatus
SetThreadToken
StartTraceW
TraceEvent

ntdll

RtlGUIDFromString
RtlInitUnicodeString

ole32

CoTaskMemFree
CoTaskMemRealloc
CoCreateGuid
CoCreateInstance
CoCreateInstanceEx
StringFromCLSID
StringFromGUID2
CoGetObjectContext
CLSIDFromString
CoSetProxyBlanket
CoTaskMemAlloc

comctl32

InitCommonControlsEx

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d28a8a985f51a25e2543a2cf6411d996

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ntdll

ole32

comctl32

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 17KB - Virtual size: 33KB

.reloc Size: 14KB - Virtual size: 16KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 17KB - Virtual size: 33KB

.reloc
Size: 14KB - Virtual size: 16KB

.rsrc
Size: 10KB - Virtual size: 12KB