59d49a2632c421fed5067c37ad6f396b

Sharing

Copy URL

Twitter E-mail

General

Target

59d49a2632c421fed5067c37ad6f396b
Size

76KB
MD5

59d49a2632c421fed5067c37ad6f396b
SHA1

a09801ff2e6e0b5c01ed609f3678ca16195133ff
SHA256

5edb62d4e1793bd1e8c893fb4c6544cfc9e1533729eb569a0e21ca81993e3814
SHA512

9c84fe0a5ab88981e4d9624c0c6cb8282c1d6b7fd42e42010319f5d76a4f7dee0027561b740daf0c547e80304358f3b440d6664dd8f6bc063eb2113c63d599ff
SSDEEP

768:Koo8pxI3K6aRwx1FQt8k84kZXsuCaQdGyd7qd3MTHy0xg43jE:0AoK6aRW6t8khunk7rby07jE

Score

N/A

Malware Config

Signatures

Files

59d49a2632c421fed5067c37ad6f396b
.exe windows x86

f777985c12806230c433f70548f31588

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageW
CheckRadioButton
SetDlgItemInt
SetTimer
SetWindowTextW
CheckDlgButton
SendMessageA
DialogBoxParamW
EnableWindow
EndDialog
GetDlgItem
IsDlgButtonChecked
KillTimer
LoadIconA
MessageBoxW

kernel32

SetFilePointer
SetThreadExecutionState
SetFilePointerEx
WriteFile
WriteConsoleW
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
AllocConsole
CloseHandle
CopyFileW
CreateFileW
CreateIoCompletionPort
CreateThread
DeleteFileW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushConsoleInputBuffer
FormatMessageW
GetCommandLineW
GetDriveTypeW
GetExitCodeThread
GetFileAttributesW
GetFileSize
GetLastError
GetLocalTime
GetLogicalDriveStringsW
GetModuleFileNameW
GetModuleHandleW
GetNativeSystemInfo
GetProcAddress
GetProcessHeap
GetQueuedCompletionStatus
GetStdHandle
GetTempFileNameW
GetTempPathW
HeapAlloc
HeapFree
HeapReAlloc
InterlockedIncrement
MoveFileExW
MultiByteToWideChar
OpenProcess
PostQueuedCompletionStatus
ReadFile
SetConsoleTextAttribute
SetConsoleTitleW
SetEndOfFile
SetFileAttributesW
Sleep

comctl32

InitCommonControls

comdlg32

GetOpenFileNameW

shell32

CommandLineToArgvW
DragQueryFileW
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

CoTaskMemFree

msvcrt

memset
_kbhit
_getch
sprintf
wcscat
memcpy
swprintf
wcscpy
wcsrchr
_wcsicmp
wcslen

advapi32

RegCloseKey
GetTokenInformation
ImpersonateLoggedOnUser
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
OpenProcessToken

iphlpapi

GetAdaptersInfo
SendARP

ntdll

NtQuerySystemInformation
RtlComputeCrc32
NtSetInformationProcess

wsock32

WSAStartup
inet_addr
gethostbyaddr
WSACleanup

shlwapi

PathIsDirectoryEmptyW
PathIsDirectoryW
PathRemoveExtensionW
PathAddBackslashW

netapi32

NetShareEnum

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f777985c12806230c433f70548f31588

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

comctl32

comdlg32

shell32

ole32

msvcrt

advapi32

iphlpapi

ntdll

wsock32

shlwapi

netapi32

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 151KB

.rsrc Size: 37KB - Virtual size: 36KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 151KB

.rsrc
Size: 37KB - Virtual size: 36KB

.reloc
Size: 1KB - Virtual size: 1KB