cab3efc14dbbf9697001aa6d4a02eace6d5e1190e5e888a7de81f2fa304839f0

Sharing

Copy URL

Twitter E-mail

General

Target

cab3efc14dbbf9697001aa6d4a02eace6d5e1190e5e888a7de81f2fa304839f0
Size

446KB
MD5

02536190de43f486688786f664239cbc
SHA1

1b38664a8b96d256d16abf5fcb39e0fd78e115b7
SHA256

cab3efc14dbbf9697001aa6d4a02eace6d5e1190e5e888a7de81f2fa304839f0
SHA512

999793c4e9b7d20d17cfd7ce516b7f308ffa118a351cd7144c20992cc293ef0f82ecd8dfc5915d331b5dab51df1043f42db1ceaefd831b8517b80d780bbff960
SSDEEP

12288:dJlaRFot/NGJBO4ZCTDmrtErNhY5L1c3BtF9q3FD0xtpsT:dJYYUJZAYl1cF9q1oxY

Score

N/A

Malware Config

Signatures

Files

cab3efc14dbbf9697001aa6d4a02eace6d5e1190e5e888a7de81f2fa304839f0
.exe windows x86

62fba5b789bfd8237754c1d09d5b5d2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRelativePathToW
PathRemoveBackslashW
SHCopyKeyW
SHRegOpenUSKeyW
PathRemoveExtensionW
PathGetDriveNumberA
StrCatBuffW
PathFindOnPathW
StrChrW
StrFromTimeIntervalA
IntlStrEqWorkerW
SHSetValueA
PathIsUNCServerA
PathCompactPathExA
StrIsIntlEqualW
SHSetValueW
SHRegEnumUSKeyA
PathAddBackslashA
StrToIntExW
PathAppendW
SHRegCloseUSKey
SHQueryInfoKeyA
PathFindFileNameW
SHRegGetUSValueW
PathIsUNCServerW
StrRStrIW
UrlCompareW
SHEnumValueA
PathAddExtensionW
UrlApplySchemeA
PathCompactPathExW
UrlHashA
UrlIsOpaqueA
UrlHashW
PathRemoveBlanksW
PathFileExistsA
PathQuoteSpacesW
ColorRGBToHLS
SHRegWriteUSValueA
SHQueryInfoKeyW
PathIsRootA
SHRegQueryInfoUSKeyW
PathGetCharTypeW
SHSkipJunction
PathUnmakeSystemFolderA
StrCpyNW
PathGetCharTypeA
PathFindExtensionW
SHRegEnumUSValueA
PathMakeSystemFolderW
PathIsURLW
SHRegDeleteUSValueW
PathIsSystemFolderW
StrRetToStrA
PathParseIconLocationW
StrRChrIA
UrlCombineA
StrStrW
PathCanonicalizeW
StrFormatKBSizeA
StrCmpW
PathIsSystemFolderA
StrFormatKBSizeW
wvnsprintfW
SHSetThreadRef
StrFormatByteSizeW
PathStripPathA
PathFileExistsW
StrFormatByteSizeA
PathIsUNCServerShareW
PathIsURLA
StrSpnW

kernel32

GetDevicePowerState
ResumeThread
Process32Next
SetSystemTimeAdjustment
GetNumberOfConsoleMouseButtons
GetWindowsDirectoryW
GlobalFindAtomW
GetOEMCP
IsProcessorFeaturePresent
MapViewOfFileEx
CreateIoCompletionPort
VirtualAlloc
GetEnvironmentStringsW
CreateTapePartition
FormatMessageA
HeapWalk
CreateMailslotA
GetACP
lstrlenW
AddAtomW
TlsFree
GetTempPathA
SuspendThread
GetSystemTimeAsFileTime
PeekNamedPipe
DefineDosDeviceA
SetHandleInformation
CreateEventW
VerLanguageNameA
ReadConsoleOutputCharacterW
Process32First
TerminateThread
SetFileTime
SetEnvironmentVariableA
LocalSize
VirtualProtect
SetProcessPriorityBoost
WriteConsoleOutputW
CreateSemaphoreW
GetThreadSelectorEntry
SetLocaleInfoW
DisconnectNamedPipe
GetFileType
ExpandEnvironmentStringsW
OpenProcess
GetPrivateProfileIntA
EnumDateFormatsExW
GetPrivateProfileSectionNamesA
OpenMutexA
GetCommTimeouts
DeviceIoControl
MapViewOfFile
GetDiskFreeSpaceW
ContinueDebugEvent
HeapCreate
EnumResourceNamesW
LocalFlags
EnumCalendarInfoW
WaitNamedPipeW
LoadLibraryExA
OpenWaitableTimerA
GetProcessWorkingSetSize
FreeLibrary
GetProcessTimes
GetCommModemStatus
DebugBreak
IsBadHugeReadPtr
PeekConsoleInputA
GetShortPathNameA
EnumResourceNamesA
SetTapePosition
GetCommProperties
GetNamedPipeInfo
VirtualFreeEx
lstrcmpi
CreateSemaphoreA
InitAtomTable
lstrcat
GlobalWire
WriteConsoleW

user32

CheckRadioButton
SetScrollPos
DrawTextW
SwitchToThisWindow
GetCaretBlinkTime
DrawMenuBar
SendDlgItemMessageW
SetCapture
CloseWindowStation
GetDoubleClickTime
GetWindowRgn
SetSysColors
SwitchDesktop
DrawFrame
DdeCreateStringHandleW
CountClipboardFormats
IsMenu
LookupIconIdFromDirectoryEx
DdeQueryStringW
ShowWindow
GetWindowContextHelpId
PostThreadMessageW
ReleaseCapture
GetListBoxInfo
UnpackDDElParam
DdeDisconnect
MapVirtualKeyW
IsCharUpperW
GetClassLongA
SetWindowContextHelpId
InvalidateRgn
EnumWindowStationsW
GetClassInfoW
WindowFromDC
DrawCaption
FindWindowW
GetParent
BringWindowToTop
BlockInput
SetMenuItemBitmaps
RegisterHotKey
ShowOwnedPopups
GetCapture
UnionRect
IsCharAlphaW
DefFrameProcA
LoadKeyboardLayoutA
DrawIcon
CreateIconFromResourceEx
SetMenuItemInfoA
GetCursorPos
ModifyMenuA
SystemParametersInfoA
TranslateMDISysAccel
AnimateWindow
IsZoomed
EnumDisplayMonitors
RegisterClipboardFormatA
IsDialogMessageA
IsCharAlphaNumericW
UnhookWinEvent
SetProcessWindowStation
RegisterWindowMessageW
CreateAcceleratorTableW
IsChild
SetForegroundWindow
UnloadKeyboardLayout
ReuseDDElParam
CharLowerW
DdeReconnect

ole32

UtGetDvtd16Info
CoTaskMemAlloc
CoCreateInstanceEx
CoLockObjectExternal
CoGetInterfaceAndReleaseStream
CoSwitchCallContext
CoRegisterMessageFilter
CoMarshalHresult
OleBuildVersion
CoGetPSClsid
OleCreateStaticFromData
OleSave
OleGetAutoConvert
OleCreateDefaultHandler
OleInitialize
CoIsOle1Class
CoRegisterSurrogate
UtGetDvtd32Info
OleSetClipboard
MkParseDisplayName
StgOpenStorageEx
OleCreateLinkFromData
OleCreateFromData
GetHookInterface
OleCreateLink
StgOpenAsyncDocfileOnIFillLockBytes
CoTreatAsClass
CoInitializeSecurity
CoFreeLibrary
FreePropVariantArray
OleGetIconOfClass
CoAddRefServerProcess
CoRevertToSelf
SetConvertStg
CoCreateInstance
CreateDataAdviseHolder
DllDebugObjectRPCHook
StringFromIID
OleRegGetMiscStatus
OleRegEnumVerbs
CoTaskMemFree
OleConvertOLESTREAMToIStorageEx
OleNoteObjectVisible
OleQueryLinkFromData
CoFileTimeToDosDateTime
CoGetCallContext
DoDragDrop
OleCreate
OleCreateLinkToFileEx

advapi32

GetAccessPermissionsForObjectA
SetFileSecurityA
GetExplicitEntriesFromAclW
FreeSid
AreAllAccessesGranted
RegCreateKeyA
OpenBackupEventLogA
EqualSid
InitializeAcl
LookupPrivilegeNameW
RegCreateKeyExA
RegDeleteKeyA
EnumDependentServicesA
EqualPrefixSid
NotifyChangeEventLog
ObjectCloseAuditAlarmA
LookupPrivilegeDisplayNameW
OpenThreadToken
QueryServiceConfigA
BuildTrusteeWithNameA
ObjectDeleteAuditAlarmW
ReadEventLogW
RegEnumKeyExW
OpenSCManagerA
RegCreateKeyW
RegOpenKeyW
ImpersonateNamedPipeClient
RegNotifyChangeKeyValue
CryptSetHashParam
RegSetValueExW
LogonUserA
RegOpenKeyExA
DeleteAce
BuildExplicitAccessWithNameA
PrivilegeCheck
CryptEnumProviderTypesW
GetKernelObjectSecurity
RegQueryValueExA
CreateServiceW
RegQueryValueExW
GetUserNameW
BuildTrusteeWithNameW
GetAccessPermissionsForObjectW
RegEnumValueW

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

62fba5b789bfd8237754c1d09d5b5d2c

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

ole32

advapi32

Sections

.text Size: 62KB - Virtual size: 61KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 12KB

.text
Size: 62KB - Virtual size: 61KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 12KB