8732d8a06842219bb9cf705a59cedb848996a53ce4a4438f34bf0f5fc7fc90fe

Sharing

Copy URL

Twitter E-mail

General

Target

8732d8a06842219bb9cf705a59cedb848996a53ce4a4438f34bf0f5fc7fc90fe
Size

602KB
MD5

c80c3fb6c195380cac523a07379ac310
SHA1

a199df676f583f9c4454d1714fcf152b541e84be
SHA256

8732d8a06842219bb9cf705a59cedb848996a53ce4a4438f34bf0f5fc7fc90fe
SHA512

cd93ef8a7358f9aaf909a742bf02ca8447044bea9f96cc2d55948bd6e946f7587f700ea7d54f2666e5ffa73afd06e8082ac808458afe441850c70f72fa1128e5
SSDEEP

12288:q6VvrLEshlml1beZXpvurUUUOx76rlq6ja6h7eaPVZbSu:q6drvlaoZmrUHOdCNbdeazS

Score

N/A

Malware Config

Signatures

Files

8732d8a06842219bb9cf705a59cedb848996a53ce4a4438f34bf0f5fc7fc90fe
.exe windows x86

4e80a203288e019ddb3e847d8e24e321

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clbcatq

DowngradeAPL
SetSetupSave

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range

user32

wsprintfA
LoadBitmapA
IsDialogMessageA
DispatchMessageW
PostMessageA
CharToOemA
LoadIconA
IsCharLowerA
DialogBoxParamA
MessageBoxW
GetClassLongA
DrawStateA
PeekMessageA
InsertMenuW

dbnmpntw

ConnectionClose
ConnectionWrite

kernel32

GetCommandLineA
InterlockedDecrement
CreateMutexA
GetEnvironmentVariableW
WaitForSingleObject
SetLocalTime
CreateProcessA
GetShortPathNameA
FindClose
FindResourceExA
OpenProcess
GlobalAddAtomA
GetConsoleTitleA
GetPriorityClass
FindNextFileA
CreateFileMappingW
FindFirstFileW
FormatMessageA
CloseHandle
GetLogicalDriveStringsA
GetProcAddress
GetPrivateProfileStringW
CreateDirectoryW
CreateSemaphoreW
LoadLibraryA
SetEnvironmentVariableA
GetModuleHandleA

shlwapi

UrlGetPartW
PathCompactPathW
UrlCreateFromPathW
UrlCombineA
UrlEscapeA
UrlCompareA
UrlUnescapeW
PathIsRootW
UrlHashA
UrlIsNoHistoryW
UrlGetLocationA
PathCommonPrefixW
UrlIsA
PathCombineA

shimeng

SE_InstallBeforeInit
SE_IsShimDll

shell32

Shell_NotifyIconW
DllUnregisterServer
DragQueryFileW
DllGetClassObject
SHBrowseForFolderW
SHGetFolderPathW
StrChrW
ExtractIconW
SHEmptyRecycleBinA
SHCreateDirectoryExA

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dec
Size: 523KB - Virtual size: 523KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e80a203288e019ddb3e847d8e24e321

Headers

DLL Characteristics

File Characteristics

Imports

clbcatq

cfgmgr32

user32

dbnmpntw

kernel32

shlwapi

shimeng

shell32

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 20KB - Virtual size: 20KB

.dec Size: 523KB - Virtual size: 523KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 20KB - Virtual size: 20KB

.dec
Size: 523KB - Virtual size: 523KB

.rsrc
Size: 3KB - Virtual size: 3KB