4ace7b3da6d042f34d583d057abdb503f0f56f746801cbb0383da5efe8e3239a

Sharing

Copy URL

Twitter E-mail

General

Target

4ace7b3da6d042f34d583d057abdb503f0f56f746801cbb0383da5efe8e3239a
Size

325KB
MD5

28215a5ed45d61536d22322602407aeb
SHA1

d4db7b54acd5a8f2f7022f3f947ad79e0226801a
SHA256

4ace7b3da6d042f34d583d057abdb503f0f56f746801cbb0383da5efe8e3239a
SHA512

639ab48113f68f07e0573fcafac435aa5c41394572104a023f6c79ae33484a1b0c20765f7ffac2bf84e1ff715d0aacc08a927a24028d6863cdd0c31fad9896a5
SSDEEP

6144:Y9BrvDh5Tsg7q0ROWVjmh2CkYmLzERQc4tpV/pb7:Y91vDhlNbbVjmnmLz+QcepV5

Score

N/A

Malware Config

Signatures

Files

4ace7b3da6d042f34d583d057abdb503f0f56f746801cbb0383da5efe8e3239a
.exe windows x86

d0b2dcfc422ebb56768b6cb7165f812b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AnimateWindow

comdlg32

ChooseColorW
GetOpenFileNameW
GetSaveFileNameW
PrintDlgW

shell32

DragQueryFileW
DragQueryPoint
ShellExecuteW
SHGetPathFromIDListW
Shell_NotifyIconW
SHGetMalloc
DragFinish
SHGetSpecialFolderLocation
SHBrowseForFolderW

ole32

CoUninitialize
CoInitialize

advapi32

RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
IsTextUnicode
RegQueryInfoKeyW
RegOpenKeyExW

gdi32

SetBkMode
DeleteObject
Rectangle
CreatePen
GetStockObject
DeleteDC
GetROP2
GetTextExtentPoint32W
CreateSolidBrush
SetTextColor
GetPixel
CreateFontIndirectW
GetTextExtentPointW
GetDeviceCaps
DPtoLP
StartDocW
StartPage
SetTextAlign
SelectObject
EndPage
EndDoc
EnumFontFamiliesExW
CreateBitmap
CreatePatternBrush
SetBrushOrgEx
PatBlt
OffsetWindowOrgEx
SetWindowOrgEx
SetBkColor
CreateCompatibleDC
GetObjectW
CreateCompatibleBitmap
BitBlt
CreateFontW
SaveDC
RestoreDC
MoveToEx
LineTo
CreateHatchBrush
GetTextMetricsW
ExtTextOutW
SetROP2

comctl32

ImageList_EndDrag
InitCommonControlsEx
ImageList_BeginDrag
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_Draw
ImageList_Add
ImageList_SetIconSize

netapi32

NetConnectionEnum

shlwapi

PathRemoveExtensionW
PathFileExistsW
PathFindExtensionW
PathStripPathW
PathIsRelativeW
PathFindFileNameW
PathCompactPathExW
PathIsDirectoryW
PathMatchSpecW
PathRemoveFileSpecW
PathAppendW
PathAddExtensionW

kernel32

LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
ReadFile
HeapSize
RaiseException
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
HeapFree
VirtualFree
HeapCreate
DeleteCriticalSection
CompareStringW
CompareStringA
GetDriveTypeA
SetEndOfFile
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
GetLocaleInfoW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapReAlloc
VirtualAlloc
WideCharToMultiByte
MultiByteToWideChar
lstrcmpW
lstrcatW
GetModuleFileNameW
lstrlenW
lstrcpyW
DeleteFileW
lstrcmpiW
GetLongPathNameW
GetFullPathNameW
MoveFileW
SetFileAttributesW
GetFileAttributesW
GlobalUnlock
GlobalLock
GetLastError
GetCurrentThreadId
GetModuleHandleW
SetCurrentDirectoryW
GetCurrentDirectoryW
FreeLibrary
GlobalFree
CloseHandle
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CODE
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0b2dcfc422ebb56768b6cb7165f812b

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

shell32

ole32

advapi32

gdi32

comctl32

netapi32

shlwapi

kernel32

Sections

.text Size: 81KB - Virtual size: 80KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 13KB - Virtual size: 340KB

.CODE Size: 512B - Virtual size: 448B

.rsrc Size: 211KB - Virtual size: 211KB

.text
Size: 81KB - Virtual size: 80KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 13KB - Virtual size: 340KB

.CODE
Size: 512B - Virtual size: 448B

.rsrc
Size: 211KB - Virtual size: 211KB