f892609a7094261abbca7b45bad6213c94d4ce0036341f8bdd0db42ecb11bfb2

Sharing

Copy URL

Twitter E-mail

General

Target

f892609a7094261abbca7b45bad6213c94d4ce0036341f8bdd0db42ecb11bfb2
Size

43KB
MD5

ee4017f7987f643df5854084db2df78c
SHA1

9f529a182435f027da79a1e381feea662669ba78
SHA256

f892609a7094261abbca7b45bad6213c94d4ce0036341f8bdd0db42ecb11bfb2
SHA512

5cbbc0b45bbda6b0340bb37e87c8c9acb8a169d84bff7bf1ca8422de1e2ea4b78f25be9618ca072456065b390fe8d55281ab81f9b9b55d2f0e8f886c13785d2d
SSDEEP

384:P/K2R/Wu/HpZcFS5JAj3okPnZ4zE3el0vTUxWzz:P/Ki/9/JZ0STO3lRz3SWX

Score

N/A

Malware Config

Signatures

Files

f892609a7094261abbca7b45bad6213c94d4ce0036341f8bdd0db42ecb11bfb2
.exe windows x86

33376e9b4b830bf46e880c461bf2a9e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemPowerStatus
GetTempPathA
GetThreadLocale
GetThreadSelectorEntry
GetTimeFormatW
GetUserDefaultLCID
GetVersionExW
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetWriteWatch
GlobalCompact
GlobalUnWire
HeapAlloc
IsBadCodePtr
IsBadHugeWritePtr
IsValidCodePage
IsValidLanguageGroup
LoadResource
LocalSize
LockFile
MapViewOfFileEx
MoveFileA
MoveFileExW
OpenSemaphoreA
OpenWaitableTimerW
PeekConsoleInputW
Process32Next
QueryInformationJobObject
GetStringTypeW
ReplaceFile
RequestDeviceWakeup
RtlMoveMemory
SearchPathA
SetComputerNameExW
SetCurrentDirectoryW
SetEnvironmentVariableW
SetFileApisToOEM
SetFilePointerEx
SetFileTime
SetLocaleInfoW
SetNamedPipeHandleState
SetPriorityClass
SetTapePosition
SetThreadExecutionState
SetThreadLocale
SetTimerQueueTimer
SignalObjectAndWait
UnlockFile
VerLanguageNameW
VerifyVersionInfoW
WriteConsoleInputA
WriteConsoleOutputCharacterA
WriteConsoleOutputCharacterW
lstrcpyA
lstrcpyn
GetShortPathNameA
GetProfileIntW
GetPrivateProfileStructA
GetNumberFormatA
GetMailslotInfo
GetFileType
GetFileAttributesA
GetDateFormatA
GetComputerNameExW
GetCommandLineA
GetCommState
GetCalendarInfoA
FindFirstVolumeA
FindFirstChangeNotificationW
FindClose
EnumUILanguagesA
EnumTimeFormatsW
ExitProcess
EnumResourceTypesA
EnumDateFormatsExA
EnterCriticalSection
DuplicateHandle
DnsHostnameToComputerNameW
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DefineDosDeviceA
CreateWaitableTimerW
CreateSemaphoreW
CreateProcessW
CreateProcessA
CreateMailslotW
CreateMailslotA
CreateJobObjectW
ContinueDebugEvent
CloseHandle
AreFileApisANSI
GetStartupInfoA
GetStartupInfoW
GetModuleHandleW
ReadConsoleW

msvcrt

memset

user32

GetMouseMovePointsEx
GetNextDlgGroupItem
GetScrollInfo
GetUserObjectSecurity
GetWindowLongW
InSendMessage
InSendMessageEx
IsCharLowerA
IsIconic
IsWindow
LoadCursorFromFileW
LoadCursorW
LoadMenuA
LockWindowUpdate
LookupIconIdFromDirectoryEx
MapDialogRect
MapVirtualKeyExW
MessageBoxExW
ModifyMenuW
OemToCharBuffW
PaintDesktop
PostQuitMessage
RegisterClassExA
ReleaseDC
ReuseDDElParam
SendDlgItemMessageW
SendIMEMessageExA
SendIMEMessageExW
SendMessageCallbackA
SendNotifyMessageW
SetActiveWindow
SetClassLongA
SetKeyboardState
SetMenuItemInfoA
SetScrollInfo
SetThreadDesktop
SetUserObjectSecurity
SetWindowRgn
SetWindowsHookA
ShowWindowAsync
SwapMouseButton
TrackMouseEvent
TranslateMessage
UnhookWindowsHook
UnionRect
ValidateRect
WindowFromDC
wsprintfA
GetMessageExtraInfo
GetMenuState
GetMenuItemInfoW
GetKeyboardLayout
GetCursorPos
GetCursor
GetClipboardOwner
GetClassInfoExA
GetClassInfoA
GetActiveWindow
FreeDDElParam
FindWindowExA
FindWindowA
FillRect
EnumWindowStationsW
DrawTextW
DrawIconEx
DrawFrameControl
DestroyWindow
DdeQueryNextServer
DdeFreeDataHandle
DdeCreateDataHandle
DdeConnect
CreateWindowStationW
CreateWindowExA
CreateIconIndirect
CreateIconFromResourceEx
CopyIcon
CloseClipboard
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharNextExA
CharLowerA
ChangeDisplaySettingsExA
CallWindowProcW
BeginPaint
AnyPopup
DdeAbandonTransaction

gdi32

EngLoadModule
EngPaint
EngStretchBltROP
EngStrokePath
EnumFontsA
FONTOBJ_pvTrueTypeFontFile
FONTOBJ_vGetInfo
FontIsLinked
GdiConvertAndCheckDC
GdiConvertPalette
GdiConvertRegion
GdiCreateLocalMetaFilePict
GdiEntry16
GdiEntry8
GdiGetLocalBrush
GdiPlayJournal
GdiProcessSetup
GdiRealizationInfo
EngCreateClip
GetCharWidthFloatA
GetCharWidthI
GetCharWidthInfo
GetEnhMetaFileW
GetFontData
GetGlyphOutlineA
GetKerningPairs
GetROP2
GetTextExtentExPointI
GetTextExtentPoint32A
GetViewportOrgEx
NamedEscape
PatBlt
RealizePalette
RemoveFontResourceW
ResizePalette
SetICMMode
GetCharABCWidthsA
EngAcquireSemaphore

advapi32

RegOpenKeyA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text6
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo7
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33376e9b4b830bf46e880c461bf2a9e1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 8KB - Virtual size: 7KB

.text6 Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 96B

owtwo1 Size: 1024B - Virtual size: 1000B

owtwo2 Size: 4KB - Virtual size: 3KB

.owtwo3 Size: 4KB - Virtual size: 3KB

.owtwo4 Size: 4KB - Virtual size: 3KB

.owtwo5 Size: 4KB - Virtual size: 3KB

.owtwo6 Size: 4KB - Virtual size: 3KB

.owtwo7 Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 8KB - Virtual size: 7KB

.text6
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 96B

owtwo1
Size: 1024B - Virtual size: 1000B

owtwo2
Size: 4KB - Virtual size: 3KB

.owtwo3
Size: 4KB - Virtual size: 3KB

.owtwo4
Size: 4KB - Virtual size: 3KB

.owtwo5
Size: 4KB - Virtual size: 3KB

.owtwo6
Size: 4KB - Virtual size: 3KB

.owtwo7
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 16B