54f184fa0220539724cc050d30389359952aac7e8c68d3043725a005c7444fda

Sharing

Copy URL Twitter E-mail

General

Target

54f184fa0220539724cc050d30389359952aac7e8c68d3043725a005c7444fda
Size

56KB
MD5

06625163fdf3dc3e6243cf8714a97b34
SHA1

738bc27abd0034bf98746db94dd16ea34451cb17
SHA256

54f184fa0220539724cc050d30389359952aac7e8c68d3043725a005c7444fda
SHA512

5b1cf115b394e536d89e3bb49f17a7f9ead7ba4568bc209cb5e51b44a2ac8cde97d9f7f68ff2d375540096c1333e071a9d2e0a3cd484014f5ecb1627843794d0
SSDEEP

1536:M657Hs7eLgDB2FUkgYGraUPuML4C7R+fMFMWnMkKoB:j57ZV3aaUPTL/+f2MKV

Score

N/A

Malware Config

Signatures

Files

54f184fa0220539724cc050d30389359952aac7e8c68d3043725a005c7444fda
.exe windows x86

c88b10b9a54f15d86720a362d97ef65c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

ws2help

WahCloseNotificationHandleHelper
WahCloseSocketHandle
WahCloseHandleHelper
WahCompleteRequest
WahCloseThread

user32

LoadStringW
ArrangeIconicWindows
DestroyWindow
EndDialog
BeginPaint
GetClientRect
MessageBoxA
GetWindowRect
EnableWindow
ReleaseDC
GetDC
wsprintfA
GetParent
GetDlgItem
TranslateMessage
GetSystemMetrics
ShowWindow
AnimateWindow

comdlg32

GetFileTitleA
GetOpenFileNameA
dwLBSubclass
ChooseFontA
FindTextA
PrintDlgExA
PrintDlgA
GetSaveFileNameA
dwOKSubclass
PageSetupDlgA
WantArrows
CommDlgExtendedError
LoadAlterBitmap
ReplaceTextA
ChooseColorA

advapi32

RegQueryValueExW
RegSetValueExA
InitializeSecurityDescriptor
AccessCheckByTypeAndAuditAlarmA
RegEnumKeyExA
RegDeleteKeyW
AccessCheckByTypeResultListAndAuditAlarmByHandleW
RegDeleteValueW
RegEnumValueW
RegDeleteKeyA
GetLengthSid
RegQueryValueExA
GetTokenInformation
RegDeleteValueA
RegSetValueExW
AddAccessAllowedAce
RegEnumKeyExW
CloseServiceHandle
RegQueryInfoKeyW
RegCreateKeyExA
RegCreateKeyExW
AllocateAndInitializeSid
OpenThreadToken
RegCloseKey
ObjectCloseAuditAlarmA
RegOpenKeyExW
RegOpenKeyExA
FreeSid
OpenProcessToken

kernel32

WriteConsoleW
GetLastError
GetCurrentThreadId
VirtualAlloc
GetTickCount
CloseHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
QueryPerformanceCounter
MultiByteToWideChar
LoadLibraryA
LockResource
WritePrivateProfileSectionA
GetCurrentProcessId
UnhandledExceptionFilter
LoadResource
FreeLibrary
InterlockedDecrement
ExitProcess
EnterCriticalSection
TerminateProcess
FindResourceA
WritePrivateProfileStringA
CreateFileA
WriteProfileStringA
GetCurrentProcess
DeleteCriticalSection
GetProcAddress
GetSystemTimeAsFileTime
LocalFree
WideCharToMultiByte
InterlockedIncrement
WriteProfileSectionA
LeaveCriticalSection
InitializeCriticalSection

msvcrt

_close
_cgets
_cabs
_access
__doserrno
_beep
__threadid
_atoi64
_atoldbl
_chgsign
_chdir
_assert
_c_exit
__set_app_type
_cgetws

ole32

CoCreateInstanceEx
CLIPFORMAT_UserFree
CLSIDFromProgIDEx
CoCreateInstance
CLIPFORMAT_UserSize
CLIPFORMAT_UserUnmarshal
CoCreateObjectInContext
PropVariantChangeType
CLIPFORMAT_UserMarshal
CLSIDFromOle1Class
BindMoniker
CLSIDFromProgID

ws2_32

bind
socket
setsockopt
accept
send
WSACleanup
WSAStartup
WSALookupServiceNextA
listen
closesocket

Sections

BSS
Size: - Virtual size: 36KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 526B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c88b10b9a54f15d86720a362d97ef65c

Headers

File Characteristics

Imports

ws2help

user32

comdlg32

advapi32

kernel32

msvcrt

ole32

ws2_32

Sections

BSS Size: - Virtual size: 36KB

CODE Size: 2KB - Virtual size: 1KB

DATA Size: 26KB - Virtual size: 25KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 526B

.rsrc Size: 2KB - Virtual size: 2KB

BSS
Size: - Virtual size: 36KB

CODE
Size: 2KB - Virtual size: 1KB

DATA
Size: 26KB - Virtual size: 25KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 526B

.rsrc
Size: 2KB - Virtual size: 2KB