27ba3e0059d28d97321780ca8f9efd2da8368cd889f8278b62a49dfd1f67a2ec

Sharing

Copy URL Twitter E-mail

General

Target

27ba3e0059d28d97321780ca8f9efd2da8368cd889f8278b62a49dfd1f67a2ec
Size

176KB
MD5

7a54d8428ac6d11430b1a676b87231e8
SHA1

a74d341fe6744f4b9b5532caf9b18ed178e41648
SHA256

27ba3e0059d28d97321780ca8f9efd2da8368cd889f8278b62a49dfd1f67a2ec
SHA512

529ca774ebccb91a2e67094a8f444f61cc8018cc583c2b1a3b8b62cb0df01dc20ddc0f268cf50546b78c19e15c3adedfc4d11a310b78be048a03bcadf4a95116
SSDEEP

3072:zUFFSfJi1vJVRqkzMQl/kRhmYd6+pmiQOpBx9FJV:gLIJCvJV4ElGmg6+pK6Bx9

Score

N/A

Malware Config

Signatures

Files

27ba3e0059d28d97321780ca8f9efd2da8368cd889f8278b62a49dfd1f67a2ec
.exe windows x86

4d17507f56c74d658103742b9f9b89cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation

comdlg32

CommDlgExtendedError

ole32

CoInitialize
CoUninitialize

advapi32

IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RevertToSelf
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
AddAccessAllowedAce
AdjustTokenPrivileges
AllocateAndInitializeSid
CloseServiceHandle
ControlService
DeleteService
FreeSid
GetLengthSid
GetUserNameA
ImpersonateSelf
InitializeAcl
InitializeSecurityDescriptor
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenServiceA
OpenThreadToken
QueryServiceStatus
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA

user32

EnableWindow
DialogBoxParamA
CreateCursor
SetWindowPos
SetDlgItemTextA
SetClipboardViewer
LoadStringA
IsDlgButtonChecked
GetWindowRect
GetWindowInfo
GetSystemMetrics
GetParent
GetDlgItem
EndDialog

shlwapi

PathIsDirectoryA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

WaitForSingleObject
WinExec
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
TerminateProcess
VirtualFree
VirtualAlloc
UnmapViewOfFile
GetSystemDirectoryA
SetLastError
SetFilePointer
SetFileAttributesA
SetEnvironmentVariableA
SetEndOfFile
Process32Next
Process32First
OpenProcess
OpenFile
MultiByteToWideChar
MoveFileExA
MapViewOfFile
GetLastError
LocalAlloc
GetWindowsDirectoryA
GetVersionExA
GetUserDefaultLangID
CloseHandle
CopyFileA
CreateDirectoryA
CreateFileA
CreateFileMappingA
CreateProcessA
CreateToolhelp32Snapshot
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
FreeLibrary
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetFileSize
GetFullPathNameA

oleaut32

SysFreeString
VarUI4FromStr

Exports

Exports

GetCursorInfo
HriCreatePhonebookEntry
OpenTempTable2
RicheditStreamIn

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d17507f56c74d658103742b9f9b89cb

Headers

DLL Characteristics

File Characteristics

Imports

shell32

comdlg32

ole32

advapi32

user32

shlwapi

version

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 106KB - Virtual size: 105KB

.data Size: 13KB - Virtual size: 14KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 13KB - Virtual size: 14KB

.rsrc
Size: 9KB - Virtual size: 8KB