afb81a7e2b6432004201f4b736d2d1e80322a3cde9f592f35401934e80c30c52

Sharing

Copy URL

Twitter E-mail

General

Target

afb81a7e2b6432004201f4b736d2d1e80322a3cde9f592f35401934e80c30c52
Size

47KB
MD5

2fc37e233d74f3eb5aa562c03e142320
SHA1

1b00f146c442e163b0b3fb6ab1724f9bf71c4741
SHA256

afb81a7e2b6432004201f4b736d2d1e80322a3cde9f592f35401934e80c30c52
SHA512

604a5b71f708eb2d0e994c24887fbae3c3e93165f3c4817e2eb5de23f0e9d2a9902c069443fed49f2cdbe3bc6cad2ca67a65da0e0a0fcf021dab3f647ccaf31b
SSDEEP

384:9QM5fe/rXSr4wD0QGp/HpZcFS5JAj3o/:9QMLcwQQi/JZ0STO3I

Score

N/A

Malware Config

Signatures

Files

afb81a7e2b6432004201f4b736d2d1e80322a3cde9f592f35401934e80c30c52
.exe windows x86

9f56434da553648ad9c388af5b578636

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemPowerStatus
GetTempPathA
GetThreadLocale
GetThreadSelectorEntry
GetTimeFormatW
GetUserDefaultLCID
GetVersionExW
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetWriteWatch
GlobalCompact
GlobalUnWire
HeapAlloc
IsBadCodePtr
IsBadHugeWritePtr
IsValidCodePage
IsValidLanguageGroup
LoadResource
LocalSize
LockFile
MapViewOfFileEx
MoveFileA
MoveFileExW
OpenSemaphoreA
OpenWaitableTimerW
PeekConsoleInputW
Process32Next
QueryInformationJobObject
GetStringTypeW
ReplaceFile
RequestDeviceWakeup
RtlMoveMemory
SearchPathA
SetComputerNameExW
SetCurrentDirectoryW
SetEnvironmentVariableW
SetFileApisToOEM
SetFilePointerEx
SetFileTime
SetLocaleInfoW
SetNamedPipeHandleState
SetPriorityClass
SetTapePosition
SetThreadExecutionState
SetThreadLocale
SetTimerQueueTimer
SignalObjectAndWait
UnlockFile
VerLanguageNameW
VerifyVersionInfoW
WriteConsoleInputA
WriteConsoleOutputCharacterA
WriteConsoleOutputCharacterW
lstrcpyA
lstrcpyn
GetShortPathNameA
GetProfileIntW
GetPrivateProfileStructA
GetNumberFormatA
GetMailslotInfo
GetFileType
GetFileAttributesA
GetDateFormatA
GetComputerNameExW
GetCommandLineA
GetCommState
GetCalendarInfoA
FindFirstVolumeA
FindFirstChangeNotificationW
FindClose
EnumUILanguagesA
EnumTimeFormatsW
GetModuleHandleW
EnumResourceTypesA
EnumDateFormatsExA
EnterCriticalSection
DuplicateHandle
DnsHostnameToComputerNameW
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DefineDosDeviceA
CreateWaitableTimerW
CreateSemaphoreW
CreateProcessW
CreateProcessA
CreateMailslotW
CreateMailslotA
CreateJobObjectW
ContinueDebugEvent
CloseHandle
AreFileApisANSI
GetStartupInfoA
GetStartupInfoW
ExitProcess
ReadConsoleW

msvcrt

memset

user32

GetMouseMovePointsEx
GetNextDlgGroupItem
GetScrollInfo
GetUserObjectSecurity
GetWindowLongW
InSendMessage
InSendMessageEx
IsCharLowerA
IsIconic
IsWindow
LoadCursorFromFileW
LoadCursorW
LoadMenuA
LockWindowUpdate
LookupIconIdFromDirectoryEx
MapDialogRect
MapVirtualKeyExW
MessageBoxExW
ModifyMenuW
OemToCharBuffW
PaintDesktop
PostQuitMessage
RegisterClassExA
ReleaseDC
ReuseDDElParam
SendDlgItemMessageW
SendIMEMessageExA
SendIMEMessageExW
SendMessageCallbackA
SendNotifyMessageW
SetActiveWindow
SetClassLongA
SetKeyboardState
SetMenuItemInfoA
SetScrollInfo
SetThreadDesktop
SetUserObjectSecurity
SetWindowRgn
SetWindowsHookA
ShowWindowAsync
SwapMouseButton
TrackMouseEvent
TranslateMessage
UnhookWindowsHook
UnionRect
ValidateRect
WindowFromDC
wsprintfA
GetMessageExtraInfo
GetMenuState
GetMenuItemInfoW
GetKeyboardLayout
GetCursorPos
GetCursor
GetClipboardOwner
GetClassInfoExA
GetClassInfoA
GetActiveWindow
FreeDDElParam
FindWindowExA
FindWindowA
FillRect
EnumWindowStationsW
DrawTextW
DrawIconEx
DrawFrameControl
DestroyWindow
DdeQueryNextServer
DdeFreeDataHandle
DdeCreateDataHandle
DdeConnect
CreateWindowStationW
CreateWindowExA
CreateIconIndirect
CreateIconFromResourceEx
CopyIcon
CloseClipboard
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharNextExA
CharLowerA
ChangeDisplaySettingsExA
CallWindowProcW
BeginPaint
AnyPopup
DdeAbandonTransaction

gdi32

EngLoadModule
EngPaint
EngStretchBltROP
EngStrokePath
EnumFontsA
FONTOBJ_pvTrueTypeFontFile
FONTOBJ_vGetInfo
FontIsLinked
GdiConvertAndCheckDC
GdiConvertPalette
GdiConvertRegion
GdiCreateLocalMetaFilePict
GdiEntry16
GdiEntry8
GdiGetLocalBrush
GdiPlayJournal
GdiProcessSetup
GdiRealizationInfo
EngCreateClip
GetCharWidthFloatA
GetCharWidthI
GetCharWidthInfo
GetEnhMetaFileW
GetFontData
GetGlyphOutlineA
GetKerningPairs
GetROP2
GetTextExtentExPointI
GetTextExtentPoint32A
GetViewportOrgEx
NamedEscape
PatBlt
RealizePalette
RemoveFontResourceW
ResizePalette
SetICMMode
GetCharABCWidthsA
EngAcquireSemaphore

advapi32

RegOpenKeyA

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo7
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo8
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f56434da553648ad9c388af5b578636

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 15KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 80B

owtwo1 Size: 1024B - Virtual size: 1000B

owtwo2 Size: 4KB - Virtual size: 3KB

.owtwo3 Size: 4KB - Virtual size: 3KB

.owtwo4 Size: 4KB - Virtual size: 3KB

.owtwo5 Size: 4KB - Virtual size: 3KB

.owtwo6 Size: 4KB - Virtual size: 3KB

.owtwo7 Size: 4KB - Virtual size: 3KB

.owtwo8 Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 80B

owtwo1
Size: 1024B - Virtual size: 1000B

owtwo2
Size: 4KB - Virtual size: 3KB

.owtwo3
Size: 4KB - Virtual size: 3KB

.owtwo4
Size: 4KB - Virtual size: 3KB

.owtwo5
Size: 4KB - Virtual size: 3KB

.owtwo6
Size: 4KB - Virtual size: 3KB

.owtwo7
Size: 4KB - Virtual size: 3KB

.owtwo8
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 16B