eae35c6467791b59e5b798cef675084384e15f369abdd36154e9e30a62afef6c

Sharing

Copy URL Twitter E-mail

General

Target

eae35c6467791b59e5b798cef675084384e15f369abdd36154e9e30a62afef6c
Size

326KB
MD5

c89fe4435f66c31f5c93d65743656eba
SHA1

4609b4a96e9e8f403cbbb2145ae2397b37ea3071
SHA256

eae35c6467791b59e5b798cef675084384e15f369abdd36154e9e30a62afef6c
SHA512

5e8ab860d191ce312f4c49bfba79e2a7b32fdb0c726b6f1cfda812d43b5ef3d0b4051398bbc5704a800e8a3766d7fd63dff572f3df620402771cba7e89480aff
SSDEEP

6144:w4HS+25PnqHh4AtOXT/kUSib+qHfZnc3J+RpQnZGghMtxlW4E:zyXRn1Tdhxc3JqyZGgWlxE

Score

N/A

Malware Config

Signatures

Files

eae35c6467791b59e5b798cef675084384e15f369abdd36154e9e30a62afef6c
.exe windows x86

cf56c98b81d532baa548b3342e7552ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageW
ImageList_Destroy
ImageList_GetIconSize
ImageList_Draw
InitCommonControlsEx
PropertySheetW
FlatSB_GetScrollPos

gdi32

GetCharWidth32W
SetViewportExtEx
SelectClipRgn
Rectangle
GetNearestColor
GetWindowExtEx
SelectObject
PatBlt
TextOutW
CreatePen
MoveToEx
CreateSolidBrush
CreateDiscardableBitmap
CreateDCW
EnumFontFamiliesExW
GetTextExtentPointW
TranslateCharsetInfo
DeleteDC
SetTextColor
GetTextCharsetInfo
CreateCompatibleDC
SetBkMode
DeleteObject
CreateCompatibleBitmap
SelectPalette
BitBlt
GetMapMode
ExtTextOutW
GetDeviceCaps
SetBkColor
GetViewportExtEx
CreateDIBitmap
ExcludeClipRect
GetTextMetricsW
GetObjectW
CreateFontW
GetTextCharset
CreateFontIndirectW
CreateICW
GetStockObject
RealizePalette
SetMapMode
CreateRectRgnIndirect
LineTo
SetWindowExtEx

mswsock

AcceptEx
GetAcceptExSockaddrs

dnsapi

DnsReplaceRecordSetW

rpcrt4

NdrClientCall2
RpcBindingFree
RpcBindingSetAuthInfoExW
I_RpcExceptionFilter
RpcStringFreeW
RpcBindingFromStringBindingW
RpcEpResolveBinding
RpcStringBindingComposeW

kernel32

GlobalLock
lstrlenW
FreeLibrary
lstrcmpW
LocalAlloc
GetCurrentProcess
TlsSetValue
WaitForSingleObject
GetShortPathNameW
GetCurrentThreadId
FindClose
DisableThreadLibraryCalls
GetTickCount
GetLocaleInfoW
InterlockedIncrement
lstrlenA
FindResourceExW
GetProcAddress
GetModuleHandleW
CreateFileW
FindResourceW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetTempFileNameW
GetVolumeInformationW
GetCurrentDirectoryW
FormatMessageW
lstrcpyA
LoadResource
MultiByteToWideChar
FreeResource
GetProfileStringW
TlsGetValue
FindFirstFileW
DelayLoadFailureHook
GlobalReAlloc
GetCurrentProcessId
LoadLibraryW
InterlockedCompareExchange
LockResource
LocalReAlloc
GetLastError
GetFullPathNameW
CloseHandle
InterlockedExchange
GetProcessVersion
LocalFree
SetLastError
DeleteCriticalSection
GetACP
LocalSize
GetVersionExA
GetModuleFileNameW
QueryPerformanceCounter
ExpandEnvironmentStringsW
CreateEventW
lstrcpyW
MulDiv
EnterCriticalSection
FreeLibraryAndExitThread
ResetEvent
lstrcmpiW
InterlockedDecrement
WideCharToMultiByte
GetModuleHandleA
GetSystemTimeAsFileTime
DeleteFileW
GlobalFree
SetUnhandledExceptionFilter
SetCurrentDirectoryW
UnhandledExceptionFilter
lstrcpynW
SizeofResource
FindNextFileW
GlobalUnlock
GetFileAttributesW
SetErrorMode
FindResourceA
LoadLibraryA
CreateThread
GlobalAlloc
TlsFree
SetEvent
TlsAlloc
GetDriveTypeW
GetSystemDefaultUILanguage
GetUserDefaultLCID
TerminateProcess

ntdll

NtQueryVirtualMemory
RtlIsNameLegalDOS8Dot3
_vsnwprintf
RtlAnsiStringToUnicodeString
NtAllocateVirtualMemory
_chkstk
RtlUnwind
RtlUnicodeStringToAnsiString
wcslen
RtlInitUnicodeStringEx
memmove
_wcsicmp

advapi32

RegSetValueExW
RegQueryValueExW
RegQueryValueW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
RegEnumValueW

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf56c98b81d532baa548b3342e7552ce

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

gdi32

mswsock

dnsapi

rpcrt4

kernel32

ntdll

advapi32

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 9KB - Virtual size: 1.4MB

.rdata Size: 113KB - Virtual size: 113KB

.rsrc Size: 159KB - Virtual size: 158KB

.tls Size: 512B - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 9KB - Virtual size: 1.4MB

.rdata
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 159KB - Virtual size: 158KB

.tls
Size: 512B - Virtual size: 4KB