0610dae1ee563513ec9bab3ae13b0eb2ee509a791f79b6b8bbf91fd46aaca2c4

General

Target

0610dae1ee563513ec9bab3ae13b0eb2ee509a791f79b6b8bbf91fd46aaca2c4
Size

600KB
MD5

fd18bebdfc7ee86b2dc299ff3b53bb30
SHA1

7cc63d85fabe99c64f94c6c8089575f566519fc1
SHA256

0610dae1ee563513ec9bab3ae13b0eb2ee509a791f79b6b8bbf91fd46aaca2c4
SHA512

80e94663bd49603f5bda543343f61a22a2c7949cde139fac52480ae7f057417542981d93d95c23266f1ff38fbe60c03bfe8c3c7fae81a195155fa5cfe15b22b6
SSDEEP

12288:NyK3FAyt2y5esclHdwCVJEJHGMWxfLoFB5nVRZ6mOkJuij0:NyoFVes8HCCVJEZGMWBUNVP6mNjj

Score

N/A

Malware Config

Signatures

Files

0610dae1ee563513ec9bab3ae13b0eb2ee509a791f79b6b8bbf91fd46aaca2c4
.exe windows x86

96c766b3e774d8e412189713e40b75ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shimeng

SE_IsShimDll
SE_InstallBeforeInit

user32

wsprintfA
DrawStateA
IsCharLowerW
LoadImageA
GetPropA
CreateDesktopW
LoadCursorA
PostMessageA
LoadIconW
PeekMessageA
LoadMenuW
LoadMenuW
LoadCursorA
wsprintfA
PostMessageA
MessageBoxW
CreateWindowExA
GetPropA
LoadBitmapW
GetClassLongW
LoadStringW
DialogBoxParamA
LoadIconA
DrawStateA
PeekMessageA

kernel32

CreateSemaphoreA
FindClose
lstrcatA
GetVersion
GetStringTypeA
GetFileSize
lstrcmp
IsBadStringPtrW
GetSystemDirectoryA
ReadConsoleA
CreateFileMappingA
GetStartupInfoW
GetCommandLineA
SearchPathW
SetFileTime
EnterCriticalSection
GetProcAddress
GetCurrentThreadId
FindNextFileA
WaitForSingleObjectEx
DeleteFileW
GetExpandedNameA
LoadLibraryW
MoveFileW
GetModuleHandleA

crypt32

CertSaveStore
CertFindAttribute
CertCompareCertificate
CertGetNameStringA
CertAlgIdToOID
CertControlStore
CertCloseStore
CertDuplicateCRLContext
CertFindExtension
CryptFindOIDInfo
CertDeleteCRLFromStore
CertFindChainInStore
CryptEnumOIDInfo
CertNameToStrA

cmutil

CmMalloc
CmRealloc
CmAtolA

Sections

.text
Size: 585KB - Virtual size: 585KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.mdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.adata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

96c766b3e774d8e412189713e40b75ea

Headers

DLL Characteristics

File Characteristics

Imports

shimeng

user32

kernel32

crypt32

cmutil

Sections

.text Size: 585KB - Virtual size: 585KB

.mdata Size: 8KB - Virtual size: 8KB

.adata Size: 3KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 585KB - Virtual size: 585KB

.mdata
Size: 8KB - Virtual size: 8KB

.adata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB