2578f13d362f82ff5bab41f588d3b2d47900a6f3ee80bf506f4db2ce3968461b

Sharing

Copy URL

Twitter E-mail

General

Target

2578f13d362f82ff5bab41f588d3b2d47900a6f3ee80bf506f4db2ce3968461b
Size

1.8MB
MD5

177db016f9870a305890778549d851f8
SHA1

b1d8d99e230a8f1b0031bb6643d5a2f06cb390d0
SHA256

2578f13d362f82ff5bab41f588d3b2d47900a6f3ee80bf506f4db2ce3968461b
SHA512

efd9a66d4cb63aeb23a16406754ae02a6bd7e920bda54d9634567368c1957f116456b00d38f324d20064e3186e674ab69e814ff69b25ec686944fb1557327c71
SSDEEP

12288:OZ29KkBCoRd8N6xUWyE42wDTeFPyC3bhwhFDwefVrJm33qz1xBfeMn7tbtCE:Gk86d8ZjpDSFPHNharJm33qVfr7tsE

Score

1^/10

Malware Config

Signatures

Files

2578f13d362f82ff5bab41f588d3b2d47900a6f3ee80bf506f4db2ce3968461b
.exe windows x86

eb2aa8ac51b3fa20746bb333bba41b7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

api-ms-win-core-path-l1-1-0

PathCchRemoveFileSpec

kernel32

GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
CreateMutexW
CreateThread
CloseHandle
WaitForSingleObject
Sleep
CreateFileW
GetModuleFileNameW
GetLastError
WriteFile
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
WritePrivateProfileStringW
lstrlenW
WritePrivateProfileSectionW
GetTickCount64
GetLocalTime
OutputDebugStringW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetFilePointerEx
GetStringTypeW
SetStdHandle
GetProcessHeap
LoadResource
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
MultiByteToWideChar
WideCharToMultiByte
GetFileType
HeapAlloc
HeapFree
DecodePointer
GetStdHandle
GetModuleHandleExW
ExitProcess
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
SetLastError
RaiseException
RtlUnwind
InitializeSListHead
SizeofResource
FindResourceW
SetThreadLocale
SetThreadUILanguage
GetVersionExW
GetSystemDefaultLangID
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
WriteConsoleW
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection

user32

TranslateAcceleratorW
TranslateMessage
DispatchMessageW
LoadIconW
LoadCursorW
RegisterClassExW
CreateWindowExW
ShowWindow
UpdateWindow
SetWindowLongW
GetWindowLongW
PostMessageW
BeginPaint
EndPaint
MoveWindow
SendMessageW
GetDC
ReleaseDC
MessageBoxW
PostQuitMessage
DefWindowProcW
GetMessageW
GetClientRect
InvalidateRect
SetRect
CopyRect
FillRect
FrameRect
DrawTextW
RedrawWindow
OffsetRect
GetWindowTextW
SetWindowTextW
wsprintfW
SetWindowPos
ScreenToClient
PtInRect
CreatePopupMenu
AppendMenuW
TrackPopupMenu
CallWindowProcW
GetClassLongW
LoadAcceleratorsW
GetWindowRect
GetSystemMetrics
ValidateRect
EnableWindow
IsWindowVisible
LoadStringW

gdi32

GetStockObject
CreateFontW
TextOutW
DeleteObject
SelectObject
SetBkMode
SetTextColor
CreateSolidBrush

shell32

ShellExecuteW

ole32

CreateStreamOnHGlobal

gdiplus

GdipLoadImageFromStream
GdipFree
GdipAlloc
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipDeleteGraphics
GdipDrawImageRectI
GdipDisposeImage
GdipCreatePen1
GdipDrawLineI
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipCreateFromHDC
GdipDrawRectangle
GdipGetPathWorldBounds
GdipGetFontStyle
GdipGetFontSize
GdipAddPathString
GdipSetStringFormatTabStops
GdipSetSmoothingMode
GdipDeleteRegion
GdipCreateRegionPath
GdipAddPathEllipseI
GdipDeletePath
GdipCreatePath
GdipLoadImageFromFile
GdipSetStringFormatAlign
GdipDrawRectangleI
GdipMeasureString
GdipFillRectangleI
GdipCreateLineBrushI
GdipDrawString
GdipFillRectangle
GdipSetStringFormatLineAlign
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeletePen

Sections

.text
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb2aa8ac51b3fa20746bb333bba41b7e

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

api-ms-win-core-path-l1-1-0

kernel32

user32

gdi32

shell32

ole32

gdiplus

Sections

.text Size: 443KB - Virtual size: 442KB

.rdata Size: 102KB - Virtual size: 102KB

.data Size: 9KB - Virtual size: 31KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 37KB - Virtual size: 37KB

.text
Size: 443KB - Virtual size: 442KB

.rdata
Size: 102KB - Virtual size: 102KB

.data
Size: 9KB - Virtual size: 31KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 37KB - Virtual size: 37KB