f8638ba9cb10687daf08d89216540bf420a7479b291b80880a115ffaf7bc91a8

Sharing

Copy URL Twitter E-mail

General

Target

f8638ba9cb10687daf08d89216540bf420a7479b291b80880a115ffaf7bc91a8
Size

2.1MB
MD5

36061815726aa75d6c63e2a402470d80
SHA1

a886786adde3526904276e4b6abf55bfe1604a69
SHA256

f8638ba9cb10687daf08d89216540bf420a7479b291b80880a115ffaf7bc91a8
SHA512

b67a6ef6dfe65ea99466c68ef374eadf91a52e8759a8278a532f11821d53c7495f161cb6b2013b48f9cb644962a58bb3c81cfda68f0949069eb7be4599032c23
SSDEEP

49152:s2RjXryZwyJRhnpY9LCx00giXqTUmx38iuQOkO6hKgwQbBUz:s2cZwyJRhnpY9h0giXo8iuQOQ4HQbBUz

Score

1^/10

Malware Config

Signatures

Files

f8638ba9cb10687daf08d89216540bf420a7479b291b80880a115ffaf7bc91a8
.exe windows x86

b03a539042a7804a2f9bcf5387a5b258

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
CreateFileA
LoadLibraryA
GetLocalTime
OutputDebugStringA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
FlushInstructionCache
TerminateProcess
GetModuleHandleW
FindFirstFileA
GetSystemDirectoryA
GetSystemDefaultLangID
lstrlenW
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrcmpiA
IsDBCSLeadByte
LocalFree
FreeLibrary
LoadLibraryExA
DeleteFileA
CreateEventA
SetUnhandledExceptionFilter
FindClose
FindNextFileA
GetWindowsDirectoryA
Sleep
WinExec
SetCurrentDirectoryA
CopyFileA
SetFileAttributesA
MoveFileExA
lstrcpyA
RemoveDirectoryA
CreateDirectoryA
GetDiskFreeSpaceExA
WriteFile
ReadFile
ConnectNamedPipe
CloseHandle
CreateNamedPipeA
CreateThread
GetCommandLineA
SetFilePointer
GetFileSize
GetProcessTimes
GetSystemTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GetModuleFileNameW
LoadLibraryW
LoadLibraryExW
WaitForMultipleObjects
GetLogicalDriveStringsW
GetLogicalDriveStringsA
FindFirstChangeNotificationW
FindNextFileW
FindFirstFileW
FindFirstChangeNotificationA
FindCloseChangeNotification
OpenEventA
OpenFileMappingA
FormatMessageW
SearchPathW
GetFullPathNameW
GetTempFileNameW
GetTempPathW
SearchPathA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GetVersionExA
SetLastError
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
GetTempPathA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetShortPathNameA
DeleteFileW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
SetFileAttributesW
GetSystemDirectoryW
GetWindowsDirectoryW
GetCommandLineW
SetFileApisToOEM
GlobalMemoryStatus
ReleaseSemaphore
CreateSemaphoreA
DisconnectNamedPipe
GetTickCount
ResetEvent
SetEvent
CompareFileTime
AreFileApisANSI
GetFileInformationByHandle
DeviceIoControl
SetEndOfFile
ExitThread
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
GetFileAttributesA
GetDiskFreeSpaceA
GetDriveTypeA
SetVolumeLabelA
GetCurrentDirectoryA
MoveFileA
GetTempFileNameA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
FormatMessageA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapDestroy
HeapReAlloc
HeapSize
InterlockedExchange
GetLocaleInfoA
RtlUnwind
ExitProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
VirtualProtect
GetSystemInfo
VirtualQuery
GetStartupInfoA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEnvironmentVariableA
FlushFileBuffers
SetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
GetStdHandle
FatalAppExitA
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
HeapCreate
GetTimeZoneInformation
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFullPathNameA
CreateFileW

user32

PostMessageA
SendMessageA
SetWindowLongA
wsprintfA
OemToCharBuffA
CharToOemBuffA
UnregisterClassA
CharUpperA
CharToOemA
CharPrevExA
CharPrevA
CharLowerA
CharUpperW
GetWindowRect
DefWindowProcA
GetActiveWindow
DialogBoxParamA
GetParent
GetWindow
ShowWindow
MonitorFromWindow
GetMonitorInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetWindowLongA
GetDlgItem
SetWindowTextA
DestroyWindow
CharNextA
EndDialog
CharLowerW

advapi32

RegSetValueExA
LookupAccountNameA
GetNamedSecurityInfoA
GetAclInformation
GetAce
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetNamedSecurityInfoW
RegEnumKeyExA
RegQueryInfoKeyA
AddAce
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
CopySid
IsValidSid
GetLengthSid
SetNamedSecurityInfoA
InitializeAcl

shell32

ShellExecuteA
ShellExecuteExA

ole32

CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysFreeString
SysAllocStringByteLen
VariantClear
VariantCopy
SysAllocString
VarUI4FromStr

shlwapi

PathRemoveFileSpecA

comctl32

InitCommonControlsEx

ws2_32

send
recv
accept
listen
bind
htons
closesocket
WSACleanup
socket
WSAStartup
setsockopt

Sections

.text
Size: 809KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b03a539042a7804a2f9bcf5387a5b258

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

ws2_32

Sections

.text Size: 809KB - Virtual size: 809KB

.rdata Size: 153KB - Virtual size: 152KB

.data Size: 23KB - Virtual size: 42KB

.rsrc Size: 116KB - Virtual size: 116KB

.text
Size: 809KB - Virtual size: 809KB

.rdata
Size: 153KB - Virtual size: 152KB

.data
Size: 23KB - Virtual size: 42KB

.rsrc
Size: 116KB - Virtual size: 116KB