cfdde9bbf8c26e47822373fc3a4041f9558aef0c0136b180ad7dba0492e7fb55

Sharing

Copy URL Twitter E-mail

General

Target

cfdde9bbf8c26e47822373fc3a4041f9558aef0c0136b180ad7dba0492e7fb55
Size

22KB
MD5

71255eef93910cea27b88abf74d3e226
SHA1

5e326830663df69f6b5240d8e90b3564c05bc407
SHA256

cfdde9bbf8c26e47822373fc3a4041f9558aef0c0136b180ad7dba0492e7fb55
SHA512

b3b6f409906dc98399bcc55e3c94b91cbccb19a20ef1c1dc5cec35684e01dcc1cbb1eba9ee982579a9397413562605c8c0ee7e12dd507d6ebc3e60bcb963ed06
SSDEEP

384:zUVHQN87gF8Fni8/OEvYxX4njZHUIIymYJnDyP+yqJUQj:QVHQstFi8/OxonjNhmYlDi+yXQ

Score

N/A

Malware Config

Signatures

Files

cfdde9bbf8c26e47822373fc3a4041f9558aef0c0136b180ad7dba0492e7fb55
.exe windows x86

338f02899080fcdd936ca04e93906719

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

PathResolve
SHCoCreateInstance
Shell_MergeMenus
SHChangeNotifyDeregister
PathQualify
DAD_DragEnterEx
IsLFNDrive
Shell_GetCachedImageIndex
SHDefExtractIconW
DragFinish
Shell_GetImageLists
IsNetDrive
DllInstall
DllUnregisterServer
DriveType
DllRegisterServer
DAD_DragMove
SHILCreateFromPath
PifMgr_OpenProperties
DllGetVersion
DragAcceptFiles
DAD_DragLeave
DllGetClassObject
DllCanUnloadNow
PickIconDlg
SHChangeNotifyRegister
SHGetSetSettings
RestartDialog
SHStartNetConnectionDialogW
GetFileNameFromBrowse

oleaut32

SafeArrayCreate
VariantCopyInd
CreateErrorInfo
SysAllocStringLen
SysStringByteLen
SafeArrayPutElement
GetActiveObject
LoadTypeLib
OleLoadPicture
SafeArrayGetElement
RegisterTypeLib
SafeArrayGetLBound
VariantInit
SysAllocStringByteLen
SafeArrayAccessData
GetErrorInfo
SysStringLen
VariantChangeTypeEx
LoadTypeLibEx
VariantChangeType
SysFreeString
VariantClear
VariantCopy
SafeArrayUnaccessData
SafeArrayGetUBound
SysReAllocStringLen
SafeArrayPtrOfIndex

olecli32

OleLockServer

rpcrt4

NDRSContextMarshallEx
MesBufferHandleReset
MesIncrementalHandleReset
NdrByteCountPointerFree
MesEncodeFixedBufferHandleCreate
DceErrorInqTextW
NdrClientInitialize
DllGetClassObject
CStdStubBuffer_CountRefs
MesDecodeIncrementalHandleCreate
MesHandleFree
NdrByteCountPointerBufferSize
MesInqProcEncodingId
NDRcopy
NDRCContextMarshall
NDRSContextMarshall
NdrConformantStructBufferSize
DllRegisterServer
NdrAllocate
NdrAsyncServerCall
NdrByteCountPointerUnmarshall
NdrAsyncClientCall
CreateStubFromTypeInfo
NDRCContextBinding

advapi32

RegQueryValueExW
CloseServiceHandle
RegDeleteKeyW
RegEnumKeyExW
RegCloseKey
RegDeleteValueA
FreeSid
RegDeleteValueW
OpenThreadToken
RegQueryInfoKeyW
RegSetValueExA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA
GetTokenInformation
RegEnumValueW
InitializeSecurityDescriptor
RegDeleteKeyA
RegQueryValueExA
RegSetValueExW
AllocateAndInitializeSid
RegCreateKeyExW
RegOpenKeyExW
OpenProcessToken

user32

DispatchMessageA
UpdateWindow
EnableWindow
LoadStringW
GetWindowRect
EndDialog
CharNextW
MessageBoxA
GetDC
SetCursor
wsprintfW
GetSysColor
LoadStringA
CharNextA
DefWindowProcA
GetWindowLongW
SetFocus
GetParent
MessageBoxW
PostMessageW
CreateWindowExA
GetWindowLongA
SetWindowLongW
TranslateMessage
DestroyWindow
SendMessageW
GetSystemMetrics
InvalidateRect
wsprintfA
SetWindowPos
BeginPaint
EndPaint
GetDesktopWindow
SetWindowLongA
IsWindow
ShowWindow

kernel32

AddAtomW
ExitProcess
GetCommandLineW
WriteConsoleW
GetFullPathNameW
CloseHandle
CreateMutexA
GetCurrentDirectoryW
GetLastError
LoadResource
GetTempPathA
FileTimeToLocalFileTime
GetExitCodeProcess
CreateFileMappingW
CreateProcessW
GetComputerNameW
IsBadCodePtr
OpenProcess
GetCurrentProcess
MulDiv
SizeofResource
FindNextFileA
IsValidCodePage
LockResource
ExpandEnvironmentStringsA
ResumeThread
OutputDebugStringW
VirtualAlloc
CreateDirectoryA
IsDBCSLeadByte
RemoveDirectoryW
LoadLibraryExA
CreateFileMappingA
ReleaseSemaphore
DeviceIoControl
SetFileAttributesA
SetThreadPriority
GetWindowsDirectoryW
lstrcatW
FindResourceA
VirtualFree
CopyFileW
CreateMutexW
RaiseException

Sections

.textbss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

338f02899080fcdd936ca04e93906719

Headers

File Characteristics

Imports

shell32

oleaut32

olecli32

rpcrt4

advapi32

user32

kernel32

Sections

.textbss Size: - Virtual size: 12KB

.data Size: 1KB - Virtual size: 1KB

.debug Size: 1KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.text Size: 512B - Virtual size: 440B

.rsrc Size: 3KB - Virtual size: 3KB

.idata Size: 12KB - Virtual size: 12KB

.textbss
Size: - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 1KB

.debug
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.text
Size: 512B - Virtual size: 440B

.rsrc
Size: 3KB - Virtual size: 3KB

.idata
Size: 12KB - Virtual size: 12KB