4cb545ad881d04654fdb2681d9ad86d1aa6c493ba447a98b7259e1438cd503d2

Sharing

Copy URL Twitter E-mail

General

Target

4cb545ad881d04654fdb2681d9ad86d1aa6c493ba447a98b7259e1438cd503d2
Size

524KB
MD5

70b563e5c35a9a307a56509729bb0c70
SHA1

b22e515417b0c7b6529cbbdf8ab53739dfd8fca3
SHA256

4cb545ad881d04654fdb2681d9ad86d1aa6c493ba447a98b7259e1438cd503d2
SHA512

d0ffc9a4fb7b621b06b850b2ceed1c03b0d4b6068a40c90463ad33a85ec197be5f7121358cc8a0cc32acc3f2eb277bf2a658ae892b9f36d59d76d72a37172087
SSDEEP

12288:2T796mN7pdwz/9tc9S3qJweoXsoM+KhOTQLxSnRa:2T79/dwz/9tc9S3q2eDokE8FSnRa

Score

N/A

Malware Config

Signatures

Files

4cb545ad881d04654fdb2681d9ad86d1aa6c493ba447a98b7259e1438cd503d2
.exe windows x86

b780c27dd9244789c3c6d09b47694870

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathAddBackslashW

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Draw
ImageList_Add
ImageList_Replace
ImageList_Destroy
ImageList_GetImageCount
InitCommonControlsEx
CreateStatusWindowW

shell32

ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW

kernel32

lstrcpynA
lstrlenA
lstrcpynW
MulDiv
GetLocaleInfoW
lstrcpyW
GetCurrentProcessId
lstrcmpW
LocalFileTimeToFileTime
SystemTimeToFileTime
CloseHandle
WaitForSingleObject
CreateFileW
ReadFile
WriteFile
SetFilePointer
GetFileSize
FindNextFileW
FindClose
GetFullPathNameW
FindFirstFileW
GetSystemTimeAsFileTime
HeapFree
HeapReAlloc
HeapAlloc
ExitThread
CreateThread
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
LoadLibraryW
Sleep
HeapSize
ExitProcess
HeapCreate
HeapDestroy
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
RtlUnwind
VirtualQuery
GetModuleHandleA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
LoadLibraryA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
FlushFileBuffers
GetProcessHeap
InterlockedCompareExchange
IsProcessorFeaturePresent
GetModuleFileNameW
LoadLibraryExW
FreeLibrary
SetLastError
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetLastError
GetCurrentThreadId
GlobalUnlock
GlobalFree
FreeResource
GetVersionExW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetUserDefaultLangID
GetTimeFormatW
FileTimeToSystemTime
GetDateFormatW
FileTimeToLocalFileTime
lstrlenW
GetModuleHandleW
GetProcAddress
VirtualProtect
VirtualAlloc
GetCurrentProcess
FlushInstructionCache
VirtualFree
WideCharToMultiByte
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
TlsFree

user32

CreatePopupMenu
RemoveMenu
LoadStringW
SetFocus
PostQuitMessage
LoadStringA
GetMenuItemCount
MonitorFromPoint
TrackPopupMenuEx
ModifyMenuW
AppendMenuW
IsMenu
SetRectEmpty
ReleaseDC
GetWindowDC
MessageBeep
PtInRect
ScreenToClient
SetCapture
ReleaseCapture
InflateRect
FillRect
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
BeginPaint
EndPaint
GetCapture
TrackPopupMenu
EnableMenuItem
IsWindowEnabled
GetWindowTextW
SetCursor
CopyRect
GetSysColorBrush
DrawTextW
DrawEdge
SetRect
GetSysColor
OffsetRect
GetMessagePos
SystemParametersInfoW
DestroyCaret
ScrollWindowEx
SetScrollPos
GetScrollInfo
SetScrollInfo
GetCursorPos
GetActiveWindow
IsWindowVisible
GetWindowThreadProcessId
GetFocus
DrawFrameControl
FrameRect
WindowFromPoint
RegisterWindowMessageW
UnhookWindowsHookEx
CharLowerW
GetKeyState
CallNextHookEx
GetClassNameW
SetWindowsHookExW
GetSubMenu
GetDlgCtrlID
DrawFocusRect
GetWindowTextLengthW
LoadIconW
LoadMenuW
CreateDialogIndirectParamW
UnregisterClassA
SetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW
DestroyCursor
GetDC
GetDlgItem
EnableWindow
InvalidateRect
UpdateWindow
GetWindowPlacement
SetMenu
GetMenu
PostMessageW
DestroyMenu
GetSystemMetrics
CallWindowProcW
SendMessageW
MoveWindow
EndDialog
GetWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
GetClientRect
MapWindowPoints
SetWindowPos
GetParent
SetDlgItemTextW
GetDlgItemTextW
SetWindowTextW
DialogBoxIndirectParamW
CreateWindowExW
GetClassInfoExW
LoadCursorW
LoadImageW
CharNextW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DefWindowProcW
IsWindow
MessageBoxW
ShowWindow
SetWindowPlacement
DestroyWindow
GetWindowLongW
SetWindowLongW
GetKeyNameTextW
MapVirtualKeyW
CharUpperW
wvsprintfW
RegisterClassExW

gdi32

SetViewportOrgEx
BitBlt
CreateCompatibleBitmap
CreateFontIndirectW
SetBkMode
CreateDIBSection
DeleteDC
CreateCompatibleDC
PatBlt
SetBkColor
CreateBitmap
GetTextExtentPoint32W
SelectObject
CreateFontW
GetObjectW
CreateDIBitmap
GetDeviceCaps
GetStockObject
SetBrushOrgEx
DeleteObject
LineTo
MoveToEx
CreatePen
SetTextColor
CreatePatternBrush

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoInitializeEx
CoUninitialize

oleaut32

VariantClear
VarUI4FromStr

Sections

.text
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 53KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b780c27dd9244789c3c6d09b47694870

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

comctl32

shell32

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 301KB - Virtual size: 300KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 53KB - Virtual size: 63KB

.rsrc Size: 112KB - Virtual size: 180KB

.text
Size: 301KB - Virtual size: 300KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 53KB - Virtual size: 63KB

.rsrc
Size: 112KB - Virtual size: 180KB