728bc3e3651456e75d257b2b6aa49e59c8d89f08c8385bb92868eef613fcee47

Sharing

Copy URL

Twitter E-mail

General

Target

728bc3e3651456e75d257b2b6aa49e59c8d89f08c8385bb92868eef613fcee47
Size

524KB
MD5

470d8e42b1351b3bd475fd4e45297d70
SHA1

cb4b1f43c8c84038bae18e4f70721d04488ed7dc
SHA256

728bc3e3651456e75d257b2b6aa49e59c8d89f08c8385bb92868eef613fcee47
SHA512

f1914c9d637c6693b8c95727b667f541242ca54de5839b9ab2232cfa736b7f971058cfee5c287b25566ae288326e8f25195051cb18522133346ebc1a8b5d43f7
SSDEEP

12288:yVhPSvxNlgJPxMvpvf/0fHOFgLVa3otGYsIWSw+s+UfDKJ2whF:Uhfa3otnsUs+bh

Score

N/A

Malware Config

Signatures

Files

728bc3e3651456e75d257b2b6aa49e59c8d89f08c8385bb92868eef613fcee47
.exe windows x86

e303169f98982ef276879fdafa6010ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryW
ExpandEnvironmentStringsW
GetCurrentThreadId
GetModuleHandleA
GetEnvironmentVariableW
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LocalAlloc
SetEnvironmentVariableW
QueryPerformanceCounter
LocalFree
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
VirtualAlloc
Sleep
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetSystemInfo

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyW

mpr

WNetLogonNotify
WNetPasswordChangeNotify

ntdll

RtlInitUnicodeString
RtlUnicodeStringToAnsiString
sscanf
RtlFreeAnsiString
wcsstr
wcscpy
wcscmp
wcscat

user32

SendMessageW
GetThreadDesktop
SetThreadDesktop
CloseDesktop
OpenInputDesktop

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e303169f98982ef276879fdafa6010ac

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

mpr

ntdll

user32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.vmp0
Size: 500KB - Virtual size: 1.6MB