55b3ccbe7bfce58fa9fbdbf2d7d492aa8c9def31d73982ac7e8b4ed3092e5f7c

Sharing

Copy URL

Twitter E-mail

General

Target

55b3ccbe7bfce58fa9fbdbf2d7d492aa8c9def31d73982ac7e8b4ed3092e5f7c
Size

105KB
MD5

e96dc72743408632ec53b7bc90d4dc7f
SHA1

6495db6d82ec97db7e088e04c154125cebde9923
SHA256

55b3ccbe7bfce58fa9fbdbf2d7d492aa8c9def31d73982ac7e8b4ed3092e5f7c
SHA512

4c9a6d745f8fa58a5a507c1389277e3d33b23c44ee51f354a0e8c86d734324ae1703b8a2349de9d7fe19bc484ad3b8e25c59088d07773517807e51c990846140
SSDEEP

3072:9HDDF1+SrkScsog8UZhfVRjRNYKF4onUmcnG5fDX6:dfrNFoPSVZ3YKF4sD

Score

N/A

Malware Config

Signatures

Files

55b3ccbe7bfce58fa9fbdbf2d7d492aa8c9def31d73982ac7e8b4ed3092e5f7c
.exe windows x86

3b770c930332f681fc31290486bd58a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DllRegisterServer
FindExecutableA
Shell_NotifyIconW
StrRChrW
SHGetDataFromIDListW
DragQueryPoint
ShellExecuteA
SHGetDataFromIDListW
DragQueryFileW
ShellExecuteA
SHGetFolderPathA
Shell_NotifyIconW

comsvcs

RecycleSurrogate
CoLoadServices
CoLoadServices
RecycleSurrogate
SafeRef
CoLoadServices
RecycleSurrogate
RecycleSurrogate
CoEnterServiceDomain

cmpbk32

PhoneBookCopyFilter
PhoneBookLoad
PhoneBookLoad
PhoneBookEnumCountries
PhoneBookLoad

user32

LoadIconW
LoadIconW
LoadIconW
PeekMessageA
PostMessageA
LoadIconW
GetDlgItemTextW
LoadCursorW
GetDlgItemTextW
GetPropW
PostMessageA
GetMessageW
GetClassLongA
DialogBoxParamW
FindWindowA
CreateDesktopA
GetDlgItemTextW
GetPropW
CreateDesktopA
DialogBoxParamW
LoadMenuW
DispatchMessageA
LoadCursorW
DialogBoxParamW

advapi32

RegSaveKeyW
CryptSignHashW
RegSaveKeyW
RegLoadKeyW
RegUnLoadKeyW
RegRestoreKeyA
OpenServiceA
RegOpenKeyW
RegOpenKeyW
LogonUserW
LogonUserW
LogonUserW
RegOpenKeyW
InitializeSid

shlwapi

UrlIsW
UrlGetLocationW
UrlCompareW
UrlIsW
UrlCombineA
UrlCompareW
PathIsURLW
PathIsRootA
PathIsRootA
UrlGetPartA
PathIsRootA
UrlCanonicalizeA
UrlUnescapeA
PathIsRootA

msimg32

AlphaBlend
TransparentBlt
TransparentBlt
AlphaBlend
AlphaBlend
DllInitialize
AlphaBlend
GradientFill

kernel32

VirtualFree
AddAtomW
LoadLibraryA
OpenFileMappingA
TlsSetValue
LoadLibraryW
WriteConsoleA
LoadLibraryA
HeapAlloc
AddAtomW
FindFirstFileA
LoadLibraryW
GetCurrentProcess
OpenFileMappingA
MoveFileExA
GetCurrentDirectoryA
GetShortPathNameA
GetSystemTime
FindAtomA
AllocConsole
FindFirstFileA
VirtualAlloc
LoadLibraryW
GetCurrentDirectoryA
CreateSemaphoreA
WaitForSingleObject
FindAtomA
RemoveDirectoryA
WaitForSingleObject
HeapAlloc

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.relo
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b770c930332f681fc31290486bd58a3

Headers

DLL Characteristics

File Characteristics

Imports

shell32

comsvcs

cmpbk32

user32

advapi32

shlwapi

msimg32

kernel32

Sections

.text Size: 21KB - Virtual size: 20KB

.pdata Size: 77KB - Virtual size: 76KB

.fdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 864B

.relo Size: 3KB - Virtual size: 3KB

.text
Size: 21KB - Virtual size: 20KB

.pdata
Size: 77KB - Virtual size: 76KB

.fdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 864B

.relo
Size: 3KB - Virtual size: 3KB