d75c4601d556416e4ce1521ade50ec9797ba849ceba25e8c0f4dbe7f51234248

Sharing

Copy URL Twitter E-mail

General

Target

d75c4601d556416e4ce1521ade50ec9797ba849ceba25e8c0f4dbe7f51234248
Size

36KB
MD5

6aab2e83ae1a8473a17111733779f6e0
SHA1

1cfcd38c982289d4983115b1cfa0b33530cf9b1e
SHA256

d75c4601d556416e4ce1521ade50ec9797ba849ceba25e8c0f4dbe7f51234248
SHA512

a8ad678da1cb9c293b8564a756d626192b472ad2104d0c66d8265343b73dd2469ecff1d2e5e990821188afb50523011af57187e0d052eec76ee24dbc7959f95c
SSDEEP

768:GN6QKz6DsbncMHQsqAeUBqZpiWmJqwqX4UXkat:P3+DCnBvqAeUBEppeqwl

Score

N/A

Malware Config

Signatures

Files

d75c4601d556416e4ce1521ade50ec9797ba849ceba25e8c0f4dbe7f51234248
.exe windows x86

88124532dfe93f74ae03513a6b4a6748

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlEscapeA
UrlCombineA
UrlGetPartA
UrlCanonicalizeA
PathCombineA
UrlIsOpaqueA
UrlGetLocationA
UrlHashA
UrlIsA
UrlCompareA

user32

GetCaretPos
IsZoomed
GetWindowTextA
GetMessageA
IsWindow
DialogBoxParamA
wsprintfA
GetPropA
SetCursorPos
DrawIcon
IsDialogMessageA
CreateWindowExA
IsCharLowerW

wtsapi32

WTSEnumerateSessionsW
WTSVirtualChannelQuery
WTSLogoffSession
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSVirtualChannelRead
WTSWaitSystemEvent
WTSOpenServerW
WTSSendMessageA
WTSSetSessionInformationW
WTSRegisterSessionNotification
WTSEnumerateProcessesA
WTSVirtualChannelOpen
WTSSetUserConfigW

advapi32

RegOpenKeyExA
IsTextUnicode
RegEnumValueA
CreateProcessAsUserA
RegEnumKeyA
RegCreateKeyA
InitializeSid
RegFlushKey
ControlService
RegSaveKeyA
IsValidAcl
CreateServiceA
RegQueryValueA

kernel32

FindResourceA
GetAtomNameA
UpdateResourceA
GetStringTypeA
HeapValidate
GetSystemTimeAsFileTime
GetCurrentDirectoryA
FormatMessageA
GetFullPathNameA
CreateNamedPipeA
GetProcessId
GetProcAddress
CloseHandle
SetFilePointer
CreateDirectoryA
GetCurrentProcess
GetModuleHandleA
DeviceIoControl
ReadConsoleA
GetPrivateProfileStructW
ReadFile
GetPrivateProfileIntA
GetComputerNameA
WaitForSingleObject

modemui

CountryRunOnce
drvSetDefaultCommConfigA
drvCommConfigDialogA
drvGetDefaultCommConfigA

msimg32

DllInitialize
TransparentBlt
vSetDdrawflag
GradientFill

certcli

CACloseCertType
CADeleteCA
CAEnumNextCA
CACloseCA
CAEnumFirstCA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88124532dfe93f74ae03513a6b4a6748

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

user32

wtsapi32

advapi32

kernel32

modemui

msimg32

certcli

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 3KB - Virtual size: 2KB