d45543b670ceb94277e6a5ea7b916851311d2c1c612c0cf73d3c33dc7ab9a132

Sharing

Copy URL Twitter E-mail

General

Target

d45543b670ceb94277e6a5ea7b916851311d2c1c612c0cf73d3c33dc7ab9a132
Size

1.1MB
MD5

4b53ecd9e02f86f59a1944b2a06976ad
SHA1

e3f997f259fbc8fd18f3dbdc393b9f5d1cba946f
SHA256

d45543b670ceb94277e6a5ea7b916851311d2c1c612c0cf73d3c33dc7ab9a132
SHA512

71c73bf2331beeb91e89eada6cd00cbfef3674889ba3801c861e19e18358155ad89d591f0d8ccb33298a9e64e8c0680410b62bee4c3b318fadd1ff9f70f0e46c
SSDEEP

12288:kDzTr+nShb8wjuATCVDrU1/Mey9pVtrFgTFS6vVWTb/b5cjXdKZzvQVGrP1+Zcql:kF8yuLVD0MLvKSfvbAtOogQp2XCiE

Score

N/A

Malware Config

Signatures

Files

d45543b670ceb94277e6a5ea7b916851311d2c1c612c0cf73d3c33dc7ab9a132
.exe windows x86

beae9592165804f32cfa7562d4fb7ffb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsBadStringPtrA
GetCurrentThreadId
GetStringTypeExA
GetFirmwareEnvironmentVariableA
VirtualFree
InitializeCriticalSection
ReleaseMutex
CloseHandle
InterlockedPushEntrySList
CreateMutexA
InterlockedExchange
EnterCriticalSection
VirtualAlloc
FileTimeToSystemTime
GetLastError
GetFileTime
GetVersionExA
ReadFile
VerSetConditionMask
SetFilePointer
GetSystemTimes
InterlockedPopEntrySList
WaitForMultipleObjects
OpenMutexA
PeekNamedPipe
CreateFileA
CreateNamedPipeA
ConnectNamedPipe
ExitProcess
CompareStringA

user32

GetMenu
RegisterClassExA
GetSubMenu
DispatchMessageA
DefWindowProcA
SetMenu
PostQuitMessage
GetMessageA
CreateWindowExA
IsClipboardFormatAvailable
GetSysColorBrush
GetDesktopWindow
MessageBeep
SendMessageA
LoadMenuA
ShowWindow
CheckMenuItem
UpdateWindow
GetClientRect
DestroyWindow
TranslateMessage

shell32

DoEnvironmentSubstA
SHSetLocalizedName
SHCreateQueryCancelAutoPlayMoniker
FreeIconList
SHCreateShellItem
PrintersGetCommand_RunDLLA
SHBrowseForFolder
SHUpdateRecycleBinIcon
RealDriveType
DAD_SetDragImage
SHHandleUpdateImage
DAD_DragEnterEx
SHGetSettings
RegenerateUserEnvironment
PathMakeUniqueName
SHGetFolderLocation
SHGetInstanceExplorer
Shell_NotifyIconA
FindExecutableA
SHGetDataFromIDListA
SHGetDiskFreeSpaceA
Shell_NotifyIcon
ShellAboutA
DAD_DragEnterEx2
RestartDialog
ExtractIconEx
SHObjectProperties
SHGetSpecialFolderPathA
ILClone
SHGetIconOverlayIndexA
PifMgr_SetProperties
SHCoCreateInstance
ILCreateFromPathA
PathQualify
IsNetDrive
SHGetFolderPathA
SHAddFromPropSheetExtArray
SHGetSetSettings
Options_RunDLLA
SHLimitInputEdit
SHGetNewLinkInfoA

Sections

.text
Size: 1005KB - Virtual size: 1005KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

beae9592165804f32cfa7562d4fb7ffb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 1005KB - Virtual size: 1005KB

.data Size: 159KB - Virtual size: 158KB

.rsrc Size: 7KB - Virtual size: 3.0MB

.text
Size: 1005KB - Virtual size: 1005KB

.data
Size: 159KB - Virtual size: 158KB

.rsrc
Size: 7KB - Virtual size: 3.0MB