e1873c546dbee0e1462ad0e08c23f84c8205ee334acffd4005dd99658883eab7

Sharing

Copy URL Twitter E-mail

General

Target

e1873c546dbee0e1462ad0e08c23f84c8205ee334acffd4005dd99658883eab7
Size

1.2MB
MD5

684ef17bce858687de640b16fed40c50
SHA1

afa9188f8e8d07bb63fb3f6026ffb868cbac7a8b
SHA256

e1873c546dbee0e1462ad0e08c23f84c8205ee334acffd4005dd99658883eab7
SHA512

f7792c7c2199a35e0d8cf00964b75dc1be5b51500cbbc2505af44ab3ed37957d9bc10a05cbb3536fc9225127fe55a90cd872c39e6b9e6de034a37cfdd3fd913a
SSDEEP

12288:pMXi/W7x9OJMXi/W7xGN/l+PbzW32KTreAvcPtkYjW0rVgKTBZl8He6LMXi/W7x0:p6U6m/+bzW7TdcRjPCqB6L6m/+bzW

Score

N/A

Malware Config

Signatures

Files

e1873c546dbee0e1462ad0e08c23f84c8205ee334acffd4005dd99658883eab7
.exe windows x86

d6ea4b06156c7f3caac1e188affba8a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
LoadLibraryA
LoadLibraryW
GetFullPathNameA
VirtualProtect
WriteConsoleA
ReadConsoleA
SetEnvironmentVariableW
WaitForSingleObject
ReadFile
HeapAlloc
GetConsoleTitleW
GetAtomNameA
CreateDirectoryA
GetPrivateProfileIntA
GetCurrentProcess
GetGeoInfoA
SetFilePointer
CreateNamedPipeA
GetComputerNameA
GetProcessId
GetProcessHeap

wtsapi32

WTSLogoffSession
WTSSetUserConfigW
WTSVirtualChannelQuery
WTSVirtualChannelPurgeInput
WTSRegisterSessionNotification
WTSQuerySessionInformationA
WTSVirtualChannelClose
WTSVirtualChannelRead
WTSSendMessageA
WTSQueryUserToken
WTSVirtualChannelWrite
WTSWaitSystemEvent
WTSEnumerateServersW
WTSEnumerateSessionsW
WTSEnumerateProcessesA

shell32

SHChangeNotify
DragQueryFileA
DragQueryPoint
SHGetDesktopFolder
DuplicateIcon
DragFinish
SHGetDataFromIDListA
SHGetDiskFreeSpaceA
FindExecutableA
DllUnregisterServer
SHFileOperationA
ShellAboutA
SHGetFileInfoA
DragAcceptFiles
SHFree
SHGetMalloc
ExtractIconA

msimg32

AlphaBlend
DllInitialize
vSetDdrawflag

uxtheme

GetThemeRect
GetThemeColor
GetThemeBool
GetThemeTextExtent
GetThemeEnumValue
DrawThemeEdge
DrawThemeBackground
OpenThemeData
GetThemeSysSize
GetThemeTextMetrics

odbctrac

TraceSQLBindCol
TraceSQLConnect
TraceSQLError
TraceSQLFetch
TraceSQLCancel

user32

DrawStateA
CreateDesktopA
DispatchMessageA
IsWindowEnabled
LoadCursorA
GetWindowLongW
IsDialogMessageA
GetDlgItemTextA
wsprintfA
PeekMessageA
LoadMenuA

dsprop

ErrMsg
CrackName

Sections

.text
Size: 876KB - Virtual size: 875KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6ea4b06156c7f3caac1e188affba8a7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wtsapi32

shell32

msimg32

uxtheme

odbctrac

user32

dsprop

Sections

.text Size: 876KB - Virtual size: 875KB

.data Size: 15KB - Virtual size: 75KB

.rsrc Size: 290KB - Virtual size: 290KB

.text
Size: 876KB - Virtual size: 875KB

.data
Size: 15KB - Virtual size: 75KB

.rsrc
Size: 290KB - Virtual size: 290KB