be6c6da4ed3b31993232936d661bfe41d60e547a900d71d33ae6d8a9a1e8de43

Sharing

Copy URL Twitter E-mail

General

Target

be6c6da4ed3b31993232936d661bfe41d60e547a900d71d33ae6d8a9a1e8de43
Size

54KB
MD5

73b4656e2eb37cc13657ef10e0faa0da
SHA1

f8ca2e6077baefb287e8a29a0a9039c4438fab0f
SHA256

be6c6da4ed3b31993232936d661bfe41d60e547a900d71d33ae6d8a9a1e8de43
SHA512

04c0a52b117fe8b4ed75a207fd25bed2dac54f73d7df220f78161d3df526773c2a0ba1594c5346d5cc8e45651edf7aa7d239c58cac41de6b09f863097314c7fe
SSDEEP

1536:gmxPcHJfUXNEJ9/weYg1pumtUnIj1VVWhNmseWow:giAJSc5tenIpPWhNmseWow

Score

N/A

Malware Config

Signatures

Files

be6c6da4ed3b31993232936d661bfe41d60e547a900d71d33ae6d8a9a1e8de43
.exe windows x86

dc5573d61c4f68a043c59bc70bfe6f9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetConnectionW
WNetGetNetworkInformationW
WNetGetResourceInformationW

user32

SendMessageW
EnableMenuItem
GetDC
CheckDlgButton
GetMenuItemID
GetWindowTextLengthW
DialogBoxParamW
InvalidateRect
ValidateRect
WinHelpW
IsWindow
EndDialog
DestroyIcon
DestroyMenu
GetClientRect
GetClassInfoW
SetForegroundWindow
GetWindowTextW
LoadImageW
GetKeyState
GetLastActivePopup
GetMenuItemCount
GetForegroundWindow
KillTimer
RemoveMenu
GetWindowRect
MessageBoxW
SetFocus
LoadCursorW
CheckRadioButton
GetDlgItemInt
EnableWindow
GetSystemMetrics
CreateWindowExW
RegisterWindowMessageW
GetParent
SetWindowTextW
SwitchToThisWindow
SetWindowLongW
GetWindowThreadProcessId
EnumChildWindows
SetMenuDefaultItem
LoadMenuW
IsDlgButtonChecked
MapWindowPoints
RegisterClassW
SetTimer
GetWindowLongW
SetWindowPos
ReleaseDC
EnumWindows
SetCursor
ShowWindow
MessageBeep
SetMenuItemInfoW
FindWindowW
DefWindowProcW
GetDlgItem
DestroyWindow
RegisterClipboardFormatW
TrackPopupMenu
LoadStringW
GetClassNameW
GetSubMenu
CheckMenuItem
GetDlgItemTextW
PostMessageW
SendDlgItemMessageW
SetDlgItemTextW
GetWindow
SystemParametersInfoW
GetMenuItemInfoW

advapi32

GetTokenInformation
AdjustTokenPrivileges
RegQueryValueExW
RegEnumKeyExW
StartServiceW
FreeSid
OpenServiceW
RegSetValueExW
AccessCheck
RegCloseKey
CheckTokenMembership
OpenProcessToken
CloseServiceHandle
AllocateAndInitializeSid
GetSecurityInfo
RevertToSelf
SetEntriesInAclW
GetUserNameW
LookupAccountSidW
LookupPrivilegeValueW
GetFileSecurityW
SetSecurityDescriptorOwner
ImpersonateSelf
RegDeleteKeyW
SetSecurityInfo
RegConnectRegistryW
OpenThreadToken
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenSCManagerW
ControlService
QueryServiceStatus

rpcrt4

UuidCreate
RpcBindingSetAuthInfoExW
RpcStringFreeW
RpcEpResolveBinding
RpcBindingFromStringBindingW
RpcStringBindingComposeW
NdrClientCall2
RpcBindingFree

shlwapi

PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW

secur32

GetUserNameExW

gdi32

GetDeviceCaps
BitBlt
CreateFontIndirectW
CreateCompatibleDC
RealizePalette
SelectObject
DeleteDC
GetStockObject
DeleteObject
SelectPalette
CreatePalette
GetObjectW
CreateDIBitmap

lz32

LZClose

comdlg32

CommDlgExtendedError
GetOpenFileNameW

ole32

CoCreateInstance
OleGetClipboard
OleInitialize
CoTaskMemFree
CoGetCallContext
ReleaseStgMedium
CoTaskMemAlloc
OleUninitialize
OleSetClipboard

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_SetOverlayImage
PropertySheetW
ImageList_Destroy
ImageList_Remove
ImageList_GetIcon
ImageList_ReplaceIcon
DestroyPropertySheetPage
CreatePropertySheetPageW
InitCommonControlsEx

msvcrt

mbstowcs
iswctype
_itow
_purecall
wcspbrk
wcscmp
wcslen
_initterm
wcsncpy
wcsstr
_except_handler3
setlocale
malloc
_adjust_fdiv
wcstoul
rand
_wcsicmp
_vsnwprintf
wcsspn
wcschr
_wcsnicmp
wcsncmp
memmove
free
wcsrchr
wcstombs

userenv

UnloadUserProfile

ntdsapi

DsMakeSpnW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shell32

ShellExecuteW
SHGetPathFromIDListW
SHGetFolderPathW
SHChangeNotify
SHFileOperationW
SHExtractIconsW
DragQueryFileW

winmm

auxOutMessage

kernel32

GetFullPathNameW
GlobalReAlloc
GetUserDefaultUILanguage
GetLocalTime
SetUnhandledExceptionFilter
WriteFile
EnterCriticalSection
SetErrorMode
ActivateActCtx
DisableThreadLibraryCalls
InitializeCriticalSection
GetVolumeInformationW
ReleaseActCtx
FindNextFileW
CreateFileMappingW
GetSystemTime
GlobalLock
FileTimeToSystemTime
CloseHandle
DeleteCriticalSection
GetProcAddress
UnmapViewOfFile
FindClose
LocalAlloc
CompareStringW
GetCurrentProcessId
GetDriveTypeW
QueryPerformanceCounter
CancelWaitableTimer
WideCharToMultiByte
lstrcmpA
ExpandEnvironmentStringsW
lstrcmpW
GlobalUnlock
OpenProcess
lstrcpynW
IsBadStringPtrW
SetWaitableTimer
lstrlenW
DeleteFileW
LocalReAlloc
InterlockedIncrement
SystemTimeToFileTime
LockResource
FreeLibrary
CreateThread
SetEndOfFile
GlobalAlloc
GetFileTime
lstrcmpiW
SetCurrentDirectoryW
GetTimeFormatW
GetFileType
LoadLibraryW
InterlockedDecrement
MapViewOfFile
GetFileAttributesW
GetCurrentThread
ExitThread
GetTickCount
VirtualAlloc
GetUserDefaultLCID
ReadFile
GetCurrentProcess
CreateFileW
GetEnvironmentVariableW
FindResourceW
DeactivateActCtx
FindFirstFileW
GlobalFree
CreateWaitableTimerW
IsBadWritePtr
GetVersionExW
SetFileTime
GetComputerNameW
FormatMessageW
LocalFree
LeaveCriticalSection
DuplicateHandle
GetCurrentThreadId
GetComputerNameExW
Sleep
GetLastError
CompareFileTime
SetFilePointer
UnhandledExceptionFilter
SearchPathW
GetCurrentDirectoryW
GetSystemTimeAsFileTime
SetFileAttributesW
LoadResource
MulDiv
GetLocaleInfoW
GetFileSize
TerminateProcess
CreateDirectoryW
GetDateFormatW

Sections

.textbss
Size: 43KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc5573d61c4f68a043c59bc70bfe6f9f

Headers

File Characteristics

Imports

mpr

user32

advapi32

rpcrt4

shlwapi

secur32

gdi32

lz32

comdlg32

ole32

comctl32

msvcrt

userenv

ntdsapi

version

shell32

winmm

kernel32

Sections

.textbss Size: 43KB - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 424B

.idata Size: 8KB - Virtual size: 8KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 4B

.textbss
Size: 43KB - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 424B

.idata
Size: 8KB - Virtual size: 8KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 4B