3b4763409fac1fc1ccc2de17ac38bc601195fae6b736114d8454d8ae1ed08ffb

Sharing

Copy URL Twitter E-mail

General

Target

3b4763409fac1fc1ccc2de17ac38bc601195fae6b736114d8454d8ae1ed08ffb
Size

2.6MB
MD5

aabbbe10d5dd330eae84efdffc5d078d
SHA1

133f7a0ecc3f995386c01d1998c105fcb02376b3
SHA256

3b4763409fac1fc1ccc2de17ac38bc601195fae6b736114d8454d8ae1ed08ffb
SHA512

06ed9d8f674958d6ef9ee973ead74602bdf6fbf295585ebd0475504de1297eacba7161d2fc94192c8d58f0607b85ae1832b4a0e4eab624f7ca2869a280d65126
SSDEEP

24576:/pxDrAn1cc1ZP3elavE6h2AHAqjpfmb4rxjNtkFrCwXAkxd4iXgFdO:7QrNvE6h2AHApOjNtSrCw/xd4iXgy

Score

1^/10

Malware Config

Signatures

Files

3b4763409fac1fc1ccc2de17ac38bc601195fae6b736114d8454d8ae1ed08ffb
.exe windows x86

043d0f2fc2a93e42faf3fc8ccb11343a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmInstallIMEW

kernel32

UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
RaiseException
DecodePointer
DeleteCriticalSection
GetLogicalDriveStringsW
GetTickCount
GetPrivateProfileStringW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
MoveFileW
WideCharToMultiByte
MultiByteToWideChar
CompareFileTime
WritePrivateProfileStringW
DeviceIoControl
GetDriveTypeW
CreateDirectoryW
LoadLibraryExW
GetLongPathNameW
SetEvent
ResetEvent
CreateEventW
InterlockedExchangeAdd
GetACP
GetFileSize
SetFilePointer
SetEndOfFile
SetFileTime
WriteFile
ReadFile
lstrlenW
GetFullPathNameW
GetCurrentDirectoryW
GetWindowsDirectoryW
FormatMessageW
GetFileSizeEx
GetFileAttributesExW
ResumeThread
GlobalMemoryStatusEx
MapViewOfFile
FileTimeToLocalFileTime
QueryDosDeviceW
QueryPerformanceCounter
VirtualQuery
SetEnvironmentVariableA
WriteConsoleW
OutputDebugStringW
HeapReAlloc
GetTimeZoneInformation
FlushFileBuffers
PeekNamedPipe
GetFileInformationByHandle
SetStdHandle
GetConsoleCP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
GetStdHandle
SetFilePointerEx
ReadConsoleW
GetConsoleMode
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LocalAlloc
FileTimeToSystemTime
SystemTimeToFileTime
GetModuleFileNameW
LocalFree
GetProcessHeap
HeapFree
HeapAlloc
GetCurrentThreadId
LoadLibraryW
FreeLibrary
SetFileAttributesW
RemoveDirectoryW
GetFileAttributesW
Sleep
MoveFileExW
ReleaseMutex
OpenMutexW
CreateMutexW
ExpandEnvironmentStringsW
GetCurrentProcessId
GetLastError
CreateFileW
InitializeCriticalSectionAndSpinCount
OpenProcess
WaitForSingleObject
CreateProcessW
GetProcAddress
GetVersionExW
GetModuleHandleW
FindNextFileW
FindClose
FindFirstFileW
GetTempFileNameW
DeleteFileW
GetTempPathW
CopyFileW
SetLastError
GetSystemDirectoryW
CloseHandle
GetCurrentProcess
DosDateTimeToFileTime
RtlUnwind
ExitThread
CreateThread
GetCPInfo
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
EncodePointer
GetStringTypeW

user32

UnloadKeyboardLayout
LoadKeyboardLayoutW
SystemParametersInfoW
ActivateKeyboardLayout
VkKeyScanW
LoadStringW
GetDC
ReleaseDC

gdi32

EnumFontFamiliesExW

advapi32

OpenProcessToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetSecurityDescriptorSacl
FreeSid
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
AllocateAndInitializeSid
GetSecurityDescriptorDacl
SetEntriesInAclW
GetNamedSecurityInfoW
GetAce
SetNamedSecurityInfoW
LookupAccountNameW
GetFileSecurityW
EqualSid
GetAclInformation
GetUserNameW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegUnLoadKeyW
RegCloseKey
RegLoadKeyW
AdjustTokenPrivileges
RegOpenKeyExW
LookupPrivilegeValueW

shell32

SHCreateDirectoryExW
SHGetFolderPathW

ole32

CoCreateInstance

userenv

GetDefaultUserProfileDirectoryW

Sections

.text
Size: 785KB - Virtual size: 785KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.3MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rcshare
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

043d0f2fc2a93e42faf3fc8ccb11343a

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

user32

gdi32

advapi32

shell32

ole32

userenv

Sections

.text Size: 785KB - Virtual size: 785KB

.rdata Size: 179KB - Virtual size: 179KB

.data Size: 1.3MB - Virtual size: 3.0MB

.rcshare Size: 163KB - Virtual size: 162KB

.rsrc Size: 91KB - Virtual size: 90KB

.reloc Size: 141KB - Virtual size: 144KB

.text
Size: 785KB - Virtual size: 785KB

.rdata
Size: 179KB - Virtual size: 179KB

.data
Size: 1.3MB - Virtual size: 3.0MB

.rcshare
Size: 163KB - Virtual size: 162KB

.rsrc
Size: 91KB - Virtual size: 90KB

.reloc
Size: 141KB - Virtual size: 144KB