e067b27e2b1a218cf7be023a1f4ec6e3157e6b1a34f5e217567636a0b140dd4e

Sharing

Copy URL Twitter E-mail

General

Target

e067b27e2b1a218cf7be023a1f4ec6e3157e6b1a34f5e217567636a0b140dd4e
Size

288KB
MD5

658e62915dfc1ce147116c468016bd22
SHA1

2d745afcb908a1a4d899b29231a02eec5a48e3bb
SHA256

e067b27e2b1a218cf7be023a1f4ec6e3157e6b1a34f5e217567636a0b140dd4e
SHA512

a2808cf52ead9fde3a98eb57d5f7f6d1ccad3e675f8cc20d2052408a5cc3e8a882022eb4a373aa703bda908050152a0519a08fa3e5f53808da432771785afcfe
SSDEEP

3072:9XGoe0so1qSqQh1V4IGRFf68N8lIGJdxFMUiG1zcZUCupteGNKB32gum:BGoeR+qSqQhIRRZGIGIqQupt0B32g

Score

N/A

Malware Config

Signatures

Files

e067b27e2b1a218cf7be023a1f4ec6e3157e6b1a34f5e217567636a0b140dd4e
.exe windows x86

246e32aee4e23128711cfb5953350cf1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ctl3d32

Ctl3dGetVer
Ctl3dEnabled
Ctl3dCtlColor
Ctl3dRegister
Ctl3dUnregister

kernel32

GetConsoleAliasW
GetAtomNameA
SleepEx
VirtualProtect
GetEnvironmentVariableA
UpdateResourceW
GetProcessId
CreateFileW
FormatMessageA
GetGeoInfoW
LoadLibraryW
GetNumberFormatW
GetModuleHandleA

shell32

StrChrA
DragQueryPoint
DragQueryFileA
FindExecutableA
SHGetDiskFreeSpaceA
SHGetDesktopFolder
DuplicateIcon
DllUnregisterServer
SHGetFileInfoA
ShellAboutA
DragAcceptFiles
SHFree
ExtractIconA
SHGetDataFromIDListA
SHFileOperationA
SHGetMalloc

modemui

InvokeControlPanel
drvSetDefaultCommConfigA
CountryRunOnce
drvGetDefaultCommConfigA

uxtheme

GetThemeSysSize
GetWindowTheme
IsThemeActive
GetThemeTextExtent
DrawThemeBackground
GetThemeRect
OpenThemeData
GetThemeBool
GetThemeTextMetrics
DrawThemeEdge
GetThemeInt
GetThemeColor
SetWindowTheme
GetThemeFilename

wtsapi32

WTSQuerySessionInformationA
WTSVirtualChannelClose
WTSRegisterSessionNotification
WTSWaitSystemEvent
WTSFreeMemory
WTSOpenServerW
WTSVirtualChannelQuery
WTSQueryUserToken
WTSVirtualChannelWrite
WTSVirtualChannelRead
WTSUnRegisterSessionNotification
WTSEnumerateSessionsW
WTSSetSessionInformationW
WTSEnumerateProcessesA
WTSVirtualChannelPurgeInput
WTSLogoffSession

user32

GetMessageW
IsDialogMessageW
PostMessageW
GetDlgItemTextW
DrawStateA
DispatchMessageW
PeekMessageW
wsprintfA
GetPropA
InsertMenuA
LoadIconA
CreateDesktopW
CharToOemA

cfgmgr32

CM_Add_IDA
CMP_Report_LogOn
CM_Add_Empty_Log_Conf
CM_Add_Range

Sections

.text
Size: 208KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

246e32aee4e23128711cfb5953350cf1

Headers

DLL Characteristics

File Characteristics

Imports

ctl3d32

kernel32

shell32

modemui

uxtheme

wtsapi32

user32

cfgmgr32

Sections

.text Size: 208KB - Virtual size: 204KB

.data Size: 48KB - Virtual size: 46KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 208KB - Virtual size: 204KB

.data
Size: 48KB - Virtual size: 46KB

.rsrc
Size: 28KB - Virtual size: 25KB