7b9605a9f9355af3e5c11b676069d9d431a879b1305412577e0a2b792615a77f

General

Target

7b9605a9f9355af3e5c11b676069d9d431a879b1305412577e0a2b792615a77f
Size

941KB
MD5

93a825391b1f0a27b3c63ec1587a9d69
SHA1

391115f8baff6f8071d7453ace5628439fe22fd8
SHA256

7b9605a9f9355af3e5c11b676069d9d431a879b1305412577e0a2b792615a77f
SHA512

d8cfac891d6c189fb58e6ea78bad656da9b042ce7c1d4a8d99ad55b3431eccfe5b54726d7ee54962715f8e9b907c531c554252aea910a98d7ae5eaba76dd5d32
SSDEEP

24576:ff8OGsgs38KQ+F9WTeTOCtaH0YpKDCfhL0Q9H9gKumxLlLDs:ffD3MppsvtaHDNR0Q0KbxL9Ds

Score

N/A

Malware Config

Signatures

Files

7b9605a9f9355af3e5c11b676069d9d431a879b1305412577e0a2b792615a77f
.exe windows x86

a4b86330f25b7c67f88a122297903f84

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

wnsprintfA
PathRemoveFileSpecW
wvnsprintfA
StrCmpNIW
wvnsprintfW
SHDeleteKeyA
PathFindFileNameW
StrCmpNIA
PathMatchSpecW
PathFileExistsW

advapi32

CryptAcquireContextW
CryptCreateHash
RegEnumKeyExA
DuplicateTokenEx
RegQueryValueExA
CryptReleaseContext
CryptDestroyHash
RegDeleteValueA
CryptGetHashParam
RegSetValueExA

user32

SetProcessWindowStation
GetForegroundWindow
MsgWaitForMultipleObjects
OpenWindowStationA
GetDlgItemTextA
EndDialog
DrawIcon
GetMessageA
FindWindowExA
GetKeyboardState
GetDlgItem
GetWindowTextA
GetKeyState
GetClipboardData

kernel32

VirtualProtect
GetAtomNameW
EnterCriticalSection
SystemTimeToFileTime
GetFileSize
GetLastError
GetFileTime
ExpandEnvironmentStringsW
lstrcpyW
GetTimeZoneInformation
VirtualAlloc
CloseHandle
GetModuleHandleA
CreateEventW
LeaveCriticalSection
lstrcmpiA
FindNextFileW
ReleaseMutex
SetFileTime
MultiByteToWideChar
FindResourceW
SetEvent

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4b86330f25b7c67f88a122297903f84

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

advapi32

user32

kernel32

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 20KB

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 20KB