e38af0d79c15c641f3856bca0471b6e7205acac3d152816dc6ee8335e2a946f6

Sharing

Copy URL

Twitter E-mail

General

Target

e38af0d79c15c641f3856bca0471b6e7205acac3d152816dc6ee8335e2a946f6
Size

772KB
MD5

70b32a8786fff94ddf3dba0c175e4980
SHA1

1a9e9f72ea95df566971c62d05987ca30e1f8a08
SHA256

e38af0d79c15c641f3856bca0471b6e7205acac3d152816dc6ee8335e2a946f6
SHA512

4ae96d2998c04b895e9ecb98638e79803f4308c85d315915653f436bae61fcbac5f4d50528c9668b5835b5d88673106a0ea381361c9671fa5cb1e3cc99c821e4
SSDEEP

24576:2MPTxtWEk5kS6Xq3QEPvrl8rZHty5jux:2aqEy6a3QEPvmxtyS

Score

N/A

Malware Config

Signatures

Files

e38af0d79c15c641f3856bca0471b6e7205acac3d152816dc6ee8335e2a946f6
.exe windows x86

bbc53e333f88b0994c37cccf2bd006a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW

kernel32

InterlockedDecrement
CreateThread
GetCurrentThreadId
CloseHandle
WriteFile
CreateFileW
MulDiv
SetEvent
FormatMessageW
LocalFree
GetFileSizeEx
GetFileAttributesW
CreateDirectoryW
GetTempPathW
FindNextFileW
ResetEvent
WaitForSingleObject
GetProcessHeap
GetLastError
HeapAlloc
HeapFree
lstrlenW
FindFirstFileW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
lstrlenA
GetOverlappedResult
WaitForMultipleObjects
ReadFile
HeapReAlloc
GetModuleFileNameW
DeleteFileW
CreateEventW
FindClose
InterlockedIncrement
RemoveDirectoryW
GetSystemTimeAsFileTime

gdi32

DeleteObject
GetObjectW
GetDeviceCaps
CreateFontIndirectW

user32

GetWindowRect
EnableWindow
GetWindowLongW
GetParent
SendMessageW
SetWindowLongW
PostMessageW
GetDlgItem
SetWindowTextW
SetDlgItemTextW
SendDlgItemMessageW
MapWindowPoints
MessageBoxW
ShowWindow
GetDC
ReleaseDC
KillTimer
LoadStringW
PostThreadMessageW
SetTimer
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
LoadImageW
GetWindowTextLengthW
SetForegroundWindow

msvcrt

__set_app_type
_except_handler4_common
??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_controlfp
__p__fmode
_XcptFilter
memcpy
_exit
_cexit
__getmainargs
malloc
_callnewh
_CxxThrowException
free
??0exception@@QAE@ABV0@@Z
__p__commode
__setusermatherr
_amsg_exit
_acmdln
_ismbblead
exit
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
rand_s
wcschr
wcstoul
_wcsicmp
memset
_vsnwprintf
_initterm
memmove

comctl32

PropertySheetW
InitCommonControlsEx

shell32

SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHCreateItemFromParsingName
ord190
SHCreateShellItemArrayFromIDLists
ord155
SHBrowseForFolderW
SHCreateItemInKnownFolder
SHGetDesktopFolder
SHBindToParent
SHSetLocalizedName
SHGetFolderPathW
ShellExecuteW
ord258

comdlg32

GetOpenFileNameW
CommDlgExtendedError

shlwapi

PathRemoveFileSpecW
StrStrIA
ord174
StrRetToBufW
PathAppendW
PathAddExtensionW
PathIsDirectoryW
PathFindFileNameW
PathFindExtensionW
PathCombineW
StrFormatByteSizeW

ws2_32

getpeername
ioctlsocket
WSARecv
WSASend
WSAGetOverlappedResult
bind
getsockname
listen
WSASetServiceW
socket
setsockopt
WSAGetLastError
connect
closesocket
WSACleanup
WSAStartup

mswsock

AcceptEx

ole32

PropVariantClear
CoTaskMemFree
CoMarshalInterThreadInterfaceInStream
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoUninitialize
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject

bthprops.cpl

BluetoothAuthenticateDeviceEx
BluetoothEnableDiscovery
BluetoothFindFirstRadio
BluetoothFindRadioClose
BluetoothGetDeviceInfo

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 560KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bbc53e333f88b0994c37cccf2bd006a6

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

comctl32

shell32

comdlg32

shlwapi

ws2_32

mswsock

ole32

bthprops.cpl

Sections

.text Size: 39KB - Virtual size: 38KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 171KB - Virtual size: 171KB

.reloc Size: 560KB - Virtual size: 2.3MB

.text
Size: 39KB - Virtual size: 38KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 171KB - Virtual size: 171KB

.reloc
Size: 560KB - Virtual size: 2.3MB