6b10fe1809913241345166a7e8a761edededd1144499244d66e050f47f4010a6

Sharing

Copy URL Twitter E-mail

General

Target

6b10fe1809913241345166a7e8a761edededd1144499244d66e050f47f4010a6
Size

1.2MB
MD5

772653a80fe979ad2c364acd4bd7e487
SHA1

c937ce9cceeb0b881169dc6acc7cd8c59dc773cd
SHA256

6b10fe1809913241345166a7e8a761edededd1144499244d66e050f47f4010a6
SHA512

eff85be204fb485934aaec713ea76c64c4d06a0072fb0e617d865a57cade7c5be29df6078a1f596349d5e77678e87eafe252d322146968fa1db00aafbadf9f9b
SSDEEP

24576:ns7FkuoOMGBgdM1wTTQKgBlepaKkhL3Us0oRiRaz2Ex:CFkuo556repaKkhL3Us0oRiRREx

Score

N/A

Malware Config

Signatures

Files

6b10fe1809913241345166a7e8a761edededd1144499244d66e050f47f4010a6
.exe windows x86

dba68b7b38a45d3a0e6812e9f0320492

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
CreateFileA
GetThreadLocale
lstrcmpiW
WideCharToMultiByte
CreateDirectoryW
DosDateTimeToFileTime
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SystemTimeToFileTime
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetStdHandle
FreeLibraryAndExitThread
ExitThread
CreateThread
GetModuleHandleExW
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
GetCPInfo
GetLocaleInfoW
LCMapStringW
GetSystemTimeAsFileTime
CreateEventW
GetStringTypeW
SetHandleInformation
CreatePipe
ReleaseMutex
CreateMutexW
OutputDebugStringW
GetExitCodeProcess
CreateProcessW
WTSGetActiveConsoleSessionId
DuplicateHandle
SetFileTime
SetFilePointer
WriteFile
GetFileType
GetCurrentProcess
CreateFileW
ReadFile
GetFileSize
MulDiv
FindResourceW
SizeofResource
LoadResource
ExitProcess
LockResource
FreeResource
InterlockedIncrement
GetCurrentDirectoryW
MultiByteToWideChar
GetACP
SetUnhandledExceptionFilter
CopyFileW
GetPrivateProfileStringA
GetCommandLineW
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
GetLastError
RemoveDirectoryW
GetPrivateProfileStringW
CloseHandle
lstrcmpW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
DeleteFileW
InterlockedDecrement
GetModuleFileNameW
lstrlenW
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GetTempPathW
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
DecodePointer
LocalFree
SetDllDirectoryW
GetProcAddress
GetModuleHandleW
GetSystemDirectoryW
EncodePointer
RtlUnwind
ResumeThread
WaitForSingleObject
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
RaiseException
GetTickCount

user32

PtInRect
SendMessageW
SetFocus
IsWindow
GetDC
wvsprintfW
SetCursor
UnionRect
OffsetRect
IsRectEmpty
GetMessageW
TranslateMessage
DispatchMessageW
PostMessageW
DefWindowProcW
CallWindowProcW
IsWindowVisible
MessageBoxW
PostQuitMessage
LoadCursorW
SetWindowPos
RegisterClassW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
SetWindowLongW
IsIconic
EnableWindow
GetSystemMetrics
SetPropW
GetPropW
GetClientRect
GetWindowRect
GetParent
GetWindow
LoadImageW
MonitorFromWindow
GetMonitorInfoW
DestroyWindow
CharNextW
GetActiveWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetCursorPos
ScreenToClient
MapWindowPoints
IntersectRect
IsZoomed
SetWindowRgn
MoveWindow
CreateAcceleratorTableW
InvalidateRgn
GetWindowLongW
ShowWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetSysColor
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
GetCaretBlinkTime
CreateCaret
GetWindowRgn
SetRect
DrawTextW
CharPrevW
GetGUIThreadInfo
FillRect
ClientToScreen

gdi32

RoundRect
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
GetObjectA
GetDeviceCaps
CreateRoundRectRgn
SetWindowOrgEx
SelectClipRgn
GetTextMetricsW
SelectObject
SaveDC
RestoreDC
Rectangle
GetStockObject
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
MoveToEx
TextOutW
ExtTextOutW
GdiFlush
CreateRectRgn
PtInRegion
CreatePatternBrush
GetObjectW

shell32

ShellExecuteW
CommandLineToArgvW

ole32

CreateStreamOnHGlobal
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

gdiplus

GdipSetCompositingQuality
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipGraphicsClear
GdipDrawImage
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipDeleteFontFamily
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDeleteStringFormat
GdipDrawString
GdipCreateStringFormat
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipCreateLineBrushI
GdipDeleteBrush
GdipCloneBrush
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromStream
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipGetFamily
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount

shlwapi

PathRemoveFileSpecW
StrCmpW
PathFileExistsW
PathFileExistsA

comctl32

_TrackMouseEvent
ord17

imm32

ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmGetContext

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

netapi32

NetApiBufferFree
NetUserGetInfo

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyExW
CheckTokenMembership
FreeSid
AllocateAndInitializeSid

Sections

.text
Size: 627KB - Virtual size: 626KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 428KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dba68b7b38a45d3a0e6812e9f0320492

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

gdiplus

shlwapi

comctl32

imm32

wtsapi32

netapi32

advapi32

Sections

.text Size: 627KB - Virtual size: 626KB

.rdata Size: 158KB - Virtual size: 158KB

.data Size: 8KB - Virtual size: 23KB

.gfids Size: 512B - Virtual size: 496B

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 512B - Virtual size: 32B

.rsrc Size: 428KB - Virtual size: 428KB

.reloc Size: 33KB - Virtual size: 32KB

.text
Size: 627KB - Virtual size: 626KB

.rdata
Size: 158KB - Virtual size: 158KB

.data
Size: 8KB - Virtual size: 23KB

.gfids
Size: 512B - Virtual size: 496B

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 512B - Virtual size: 32B

.rsrc
Size: 428KB - Virtual size: 428KB

.reloc
Size: 33KB - Virtual size: 32KB