23aaf4463e08b9668001589889f35aa0784ed81668aab36e1c0b61e88b1112f0

Sharing

Copy URL Twitter E-mail

General

Target

23aaf4463e08b9668001589889f35aa0784ed81668aab36e1c0b61e88b1112f0
Size

656KB
MD5

666dd728a10e4abeffdf56f50de9b420
SHA1

b6b8e884445e684df12f5ebb748a6ff3fc707a6c
SHA256

23aaf4463e08b9668001589889f35aa0784ed81668aab36e1c0b61e88b1112f0
SHA512

591eae58253e4e3af604b1f635fc864dd5f9320ccb3af31b431a5a1bf089c2507162d41e39424e3e6435e30ef14f45d5afefbcbf88147afd8be20d225d8beb31
SSDEEP

12288:rageEkqNPMennFhMI7m777L6FpU8DEAziUrlruHpi4TVxDQnpO4BcFkXO4hwP:Hezq/hMI7m777L6FpxDEAduHNApWFT4K

Score

N/A

Malware Config

Signatures

Files

23aaf4463e08b9668001589889f35aa0784ed81668aab36e1c0b61e88b1112f0
.exe windows x86

37cea12e5b99f74d078897ed3abaec84

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
SleepEx
CreateEventA
LoadLibraryA
LoadLibraryW
LoadLibraryExW
GetModuleFileNameA
GetModuleHandleA
FatalAppExitA
GetStartupInfoA
GetCommandLineA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
FindResourceW
FindAtomA
GetCurrentDirectoryA
GetCurrentDirectoryW
DefineDosDeviceW
DeleteFileW
GetComputerNameA
QueryPerformanceFrequency
GetCurrentActCtx
lstrcpyW
GetOEMCP
WideCharToMultiByte
GetLocaleInfoW
GetDateFormatW
GetUserDefaultLCID
GetStringTypeA
EnumSystemLocalesA
WriteConsoleA
WriteConsoleW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
lstrcpyA
lstrcmpW
FormatMessageA
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetSystemTime
MulDiv
EraseTape
GetCommConfig
GetHandleInformation
FindClose
DeviceIoControl
WriteFile
GetStdHandle
SetHandleCount
GlobalDeleteAtom
SizeofResource
LoadResource
Sleep
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent
SetLastError
GetLastError
TerminateThread
ExitThread
GetCurrentThread
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetCurrentProcess
GetProcessHeap
HeapAlloc
VirtualAllocEx
VirtualFree
VirtualAlloc
LocalFree
LocalReAlloc
GlobalCompact
GlobalFree
GlobalLock
GetVersion
GetProcAddress
DisableThreadLibraryCalls
FreeLibrary
IsValidCodePage
LockResource

user32

SetWindowLongA
SetWindowLongW
GetProcessDefaultLayout
SetProcessDefaultLayout
FindWindowA
GetWindowThreadProcessId
GetWindow
LoadCursorA
LoadIconA
LoadImageW
LoadStringA
IsDialogMessageA
UnhookWinEvent
GetCursorPos
SetCursor
MessageBeep
MessageBoxW
MessageBoxA
GetClientRect
GetWindowTextA
SetScrollPos
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
SetForegroundWindow
UpdateWindow
InsertMenuItemA
TrackPopupMenu
GetWindowLongW
SetMenuItemBitmaps
GetMenuItemCount
EnableMenuItem
DestroyMenu
GetSystemMenu
GetMenu
TranslateAcceleratorA
LoadAcceleratorsW
LoadAcceleratorsA
MsgWaitForMultipleObjects
GetFocus
CharNextW
CharUpperW
IsClipboardFormatAvailable
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextW
SetDlgItemTextA
SetDlgItemInt
DialogBoxIndirectParamA
DialogBoxParamW
SetWindowPlacement
MoveWindow
ShowWindow
IsChild
CreateWindowExA
RegisterClassExA
CallWindowProcW
OffsetRect
InflateRect
GetSysColor
GetMenuCheckMarkDimensions
ClientToScreen
CallWindowProcA
PostQuitMessage
DefWindowProcW
DefWindowProcA
PostMessageA
SendMessageW
SendMessageA
PeekMessageA
DispatchMessageA
RegisterWindowMessageW
wsprintfW
ReleaseCapture

gdi32

SetViewportExtEx
TextOutW
TextOutA
AbortDoc
EndPage
EndDoc
StartDocW
StartDocA
GetTextMetricsA
StretchBlt
SetMapMode
SetBkMode
GetTextExtentPoint32A
GetTextExtentPointA
EnumFontsW
DeleteObject
DeleteDC
CreateFontA
CreateCompatibleBitmap
CreateDCW

comdlg32

PageSetupDlgW
PrintDlgExW
PrintDlgA
ChooseFontA
FindTextW
GetOpenFileNameA
GetSaveFileNameA
GetSaveFileNameW
GetFileTitleW
ChooseColorA
FindTextA

advapi32

StartServiceA
QueryServiceStatus
OpenServiceA
CreateServiceA
CloseServiceHandle
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyA
LookupPrivilegeValueA
OpenProcessToken
IsTextUnicode

shell32

ShellExecuteExA
DragAcceptFiles
DragFinish
SHGetSpecialFolderPathA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37cea12e5b99f74d078897ed3abaec84

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 1012B

.rsrc Size: 108KB - Virtual size: 104KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 1012B

.rsrc
Size: 108KB - Virtual size: 104KB