c6d49d5eca5fed02eb3ac0ec74c0c8642625045638d080c406c70ef1cdceda30

Sharing

Copy URL Twitter E-mail

General

Target

c6d49d5eca5fed02eb3ac0ec74c0c8642625045638d080c406c70ef1cdceda30
Size

26KB
MD5

ee7b888ea8c67736ee15b5ac4afdc853
SHA1

2211ae1a2b47c4abcf5b3cdf421c09e4726d54f7
SHA256

c6d49d5eca5fed02eb3ac0ec74c0c8642625045638d080c406c70ef1cdceda30
SHA512

ad6bd03a969161c7f74570c2d3ed99c8a10b7a790e79642df5a2e3efe9c58f3390a0d075076fb87c4ea8f8e9993a324261cf37534d9a53bbad2735d03bb5a072
SSDEEP

384:7/bJ0ztyhbMnABwpx/xBe6O6pScCsjqfVBgfQgm82tl0YF2hzX7a96bTcqFrIn:hUghKbxB8sIVBgfQgmptlX2BmO40

Score

N/A

Malware Config

Signatures

Files

c6d49d5eca5fed02eb3ac0ec74c0c8642625045638d080c406c70ef1cdceda30
.exe windows x86

cd712184f989f967f646aeade422b765

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertAddCTLLinkToStore

version

GetFileVersionInfoA
GetFileVersionInfoSizeW

rpcrt4

MesDecodeIncrementalHandleCreate
NDRCContextMarshall
NdrByteCountPointerBufferSize
NdrByteCountPointerUnmarshall
NdrConformantStructBufferSize
MesInqProcEncodingId
NdrClientInitialize
NdrByteCountPointerFree
MesBufferHandleReset
NdrAsyncServerCall
CreateStubFromTypeInfo
MesIncrementalHandleReset
DllGetClassObject
NDRSContextMarshallEx
NDRCContextBinding
DllRegisterServer
DceErrorInqTextW
NDRcopy

olecli32

OleQueryType
OleSetTargetDevice
OleCopyFromLink
OleCopyToClipboard
OleLoadFromStream
OleSetHostNames
OleCreateFromClip
OleQueryLinkFromClip
OleClone
OleDelete
OleEqual
OleSetBounds
OleCreateLinkFromClip
OleSaveToStream
OleQueryCreateFromClip

gdi32

CreatePen
RestoreDC
GetDeviceCaps
GetSystemPaletteEntries
LineTo
SelectObject
GetStockObject
GetObjectA
CreateDIBitmap
SaveDC
CreatePalette
GetTextExtentPointA
SelectClipRgn
DeleteDC
DeleteObject
CreateCompatibleDC
CreateRectRgn
SetBkColor
SetTextColor
SelectPalette
BitBlt
ExtTextOutA
RealizePalette
GetTextMetricsA
UnrealizeObject
CreateSolidBrush

ole32

CLSIDFromString
CLIPFORMAT_UserFree
CLSIDFromProgID
CLIPFORMAT_UserSize
CoCreateObjectInContext
CLSIDFromOle1Class
CoCreateGuid
CoCopyProxy
CLIPFORMAT_UserMarshal
CoBuildVersion
CoDisableCallCancellation
CoCreateFreeThreadedMarshaler
OleInitialize
CoCreateInstanceEx
CLSIDFromProgIDEx
BindMoniker
CLIPFORMAT_UserUnmarshal
CoAddRefServerProcess
CoCancelCall
CoCreateInstance

user32

TranslateMessage
GetClientRect
MessageBoxA
GetDlgItem
ReleaseDC
ShowWindow
EndDialog
LoadStringW
GetWindowRect
EnableWindow
GetDC
GetSystemMetrics

oleaut32

VariantCopy
VariantInit
SafeArrayPutElement
SysReAllocStringLen
SafeArrayPtrOfIndex
OleLoadPicture
VariantChangeTypeEx
SysStringLen
SafeArrayGetUBound
VariantChangeType
SafeArrayGetElement
GetActiveObject
LoadTypeLib
SafeArrayUnaccessData
RegisterTypeLib
VariantClear
SysAllocStringLen
SafeArrayAccessData
GetErrorInfo
SafeArrayCreate
CreateErrorInfo
SysStringByteLen
SysAllocStringByteLen
VariantCopyInd
SafeArrayGetLBound
SysFreeString

kernel32

FindClose
GetLargestConsoleWindowSize
GetSystemTimeAsFileTime
GetFullPathNameA
BackupWrite
GetFileInformationByHandle
WaitForMultipleObjects
SetConsoleWindowInfo
SetConsoleOutputCP
GetConsoleCP
GetStdHandle
InterlockedDecrement
FileTimeToDosDateTime
IsBadReadPtr
ReadConsoleW
UnmapViewOfFile
GetVersionExA
InitializeCriticalSection
IsBadWritePtr
CompareStringA
SetConsoleCP
RaiseException
SetErrorMode
SetConsoleMode
CreateFileMappingA
GetSystemTime
LocalFileTimeToFileTime
FindFirstChangeNotificationA
GetFileSize
GetCurrentDirectoryA
TerminateProcess
GetLastError
SetStdHandle
GetTickCount
RemoveDirectoryA
CreateProcessA
QueryDosDeviceA
SetConsoleActiveScreenBuffer
IsBadCodePtr
GetShortPathNameA
GetLocaleInfoA
SetConsoleTitleA
lstrcmpiA
GetConsoleCursorInfo
LoadLibraryExA
SystemTimeToFileTime
WriteConsoleOutputA
MoveFileExA
WriteFile
MapViewOfFile
SetCurrentDirectoryA
FindFirstFileA
ReadConsoleOutputW
GlobalMemoryStatus
PeekConsoleInputW
SetConsoleScreenBufferSize
GetModuleHandleA
GetComputerNameA
FreeConsole
WriteConsoleOutputW
SetConsoleCursorInfo
CreateMutexA
GetFileTime
SetEndOfFile
SetFilePointer
FlushFileBuffers
GetCurrentThreadId
VirtualAlloc
EnterCriticalSection
CreateFileA
GetLogicalDrives
GetCompressedFileSizeA
FlushConsoleInputBuffer
GetVolumeInformationA
SetFileTime
DefineDosDeviceA
ReadFile
CreateFileW
ExpandEnvironmentStringsA
CreateDirectoryA
ReadConsoleInputW
FileTimeToLocalFileTime
DeleteCriticalSection
GetModuleFileNameA
ReadConsoleInputA
GetCurrentProcessId
SetFileApisToANSI
SearchPathA
AllocConsole
LoadLibraryA
SetLastError
GetNumberFormatA
FreeLibrary
SetConsoleCursorPosition
CopyFileA
GetConsoleScreenBufferInfo
SetFileApisToOEM
SetConsoleTextAttribute
LeaveCriticalSection
WriteConsoleInputW
InterlockedIncrement
GetDiskFreeSpaceA
GetFileType
ReadConsoleA
GetFileAttributesA
ReleaseMutex
SetEnvironmentVariableA
SetConsoleCtrlHandler
FormatMessageA
FindNextFileA
GetConsoleOutputCP
PeekConsoleInputA
WaitForSingleObject
DeleteFileA
FindCloseChangeNotification
MoveFileA
ReadConsoleOutputA
OpenProcess

ws2_32

WSAStartup
WSAGetLastError
WSACleanup
socket
send
recv
connect

shell32

PathQualify
Shell_GetImageLists
DAD_DragEnterEx
PickIconDlg
DAD_DragMove
Shell_MergeMenus
SHGetSetSettings
SHStartNetConnectionDialogW
SHCoCreateInstance
DllCanUnloadNow
DllUnregisterServer
GetFileNameFromBrowse
IsLFNDrive
DriveType
DllGetVersion
Shell_GetCachedImageIndex
DllGetClassObject
DllInstall
IsNetDrive
PathResolve
SHChangeNotifyRegister
SHChangeNotifyDeregister
DAD_DragLeave
SHILCreateFromPath
DragFinish
PifMgr_OpenProperties
DragAcceptFiles

oleacc

AccessibleObjectFromPoint
AccessibleObjectFromWindow
ObjectFromLresult
GetStateTextW
DllGetClassObject
CreateStdAccessibleObject
AccessibleObjectFromEvent
WindowFromAccessibleObject
IID_IAccessibleHandler
GetRoleTextA
GetRoleTextW
DllUnregisterServer
CreateStdAccessibleProxyA
LIBID_Accessibility
AccessibleChildren
IID_IAccessible
DllCanUnloadNow
GetStateTextA
GetOleaccVersionInfo
CreateStdAccessibleProxyW
LresultFromObject

Sections

.text
Size: 1024B - Virtual size: 749B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd712184f989f967f646aeade422b765

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

version

rpcrt4

olecli32

gdi32

ole32

user32

oleaut32

kernel32

ws2_32

shell32

oleacc

Sections

.text Size: 1024B - Virtual size: 749B

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 2KB - Virtual size: 40KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 749B

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 2KB - Virtual size: 40KB

.rsrc
Size: 5KB - Virtual size: 4KB