4b43b324904ef3b2a676153becd6518e7238a3fa711116abbfc047ba06fe7aae

Sharing

Copy URL Twitter E-mail

General

Target

4b43b324904ef3b2a676153becd6518e7238a3fa711116abbfc047ba06fe7aae
Size

288KB
MD5

709555ca6a5493494ec34854918debc0
SHA1

d64d951e551bea43e901e293560591dcb314fa78
SHA256

4b43b324904ef3b2a676153becd6518e7238a3fa711116abbfc047ba06fe7aae
SHA512

4b15fe9e9412f588d75324992f8175552fe830f00d30c2bf53c570f16464cfc67b509fb1110bd7dfce88b4a4dc98863e183fb892f791fc6a67cd21ba99615265
SSDEEP

6144:gZTRGCZCIbBXw9CEdNr5xVbf34Nl3QMRW7d1ximtbuQofPWwj/s/d3lL:gZTQCZLRwdNl/Pm+dLimtb5o3fgJ

Score

N/A

Malware Config

Signatures

Files

4b43b324904ef3b2a676153becd6518e7238a3fa711116abbfc047ba06fe7aae
.exe windows x86

5f65429abf720795fd8c8afb3ee85995

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegisterTraceGuidsW
RegDeleteValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
TraceMessage
GetTraceEnableLevel
GetTraceLoggerHandle
GetTraceEnableFlags
UnregisterTraceGuids
RegEnumKeyExW

user32

GetSystemMetrics
GetDialogBaseUnits
GetDlgItemTextW
ShowWindow
CharNextW
CreateDialogParamW
CopyRect
SystemParametersInfoW
SendDlgItemMessageW
GetClientRect
EnableWindow
SetWindowPos
SetDlgItemTextW
DestroyWindow
GetDlgItem
GetWindow
LoadStringW
MapWindowPoints
SetWindowLongW
MessageBoxW
GetParent
DialogBoxParamW
SetWindowTextW
LoadImageW
GetWindowRect
SendMessageW
GetWindowLongW
DrawTextW
SetFocus
EndDialog

kernel32

GetProcAddress
lstrcmpiW
HeapDestroy
lstrlenW
OutputDebugStringA
lstrcpynW
SetLastError
lstrlenA
GetLastError
LoadResource
GetCurrentProcess
GetEnvironmentStringsA
GetCurrentProcessId
FlushInstructionCache
MultiByteToWideChar
LeaveCriticalSection
SetUnhandledExceptionFilter
HeapAlloc
FormatMessageW
lstrcpyW
LoadLibraryA
GetProcessHeap
VirtualFree
GetSystemInfo
GetSystemTimeAsFileTime
EnterCriticalSection
lstrcatW
DeleteCriticalSection
FindResourceW
InterlockedIncrement
GetUserDefaultLCID
SizeofResource
GetTickCount
QueryPerformanceCounter
GetModuleFileNameW
FreeLibrary
HeapFree
InterlockedDecrement
LocalFree

rpcrt4

CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
NdrCStdStubBuffer_Release
NdrOleAllocate
NdrDllRegisterProxy
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
IUnknown_AddRef_Proxy
CStdStubBuffer_CountRefs
NdrDllCanUnloadNow
CStdStubBuffer_Invoke
NdrDllGetClassObject
IUnknown_QueryInterface_Proxy
NdrDllUnregisterProxy
CStdStubBuffer_Disconnect
IUnknown_Release_Proxy

shell32

ShellExecuteW
SHGetFolderPathW

msvcrt

wcsncpy
free
_initterm
malloc
_except_handler3
swprintf
wcscmp
realloc
?terminate@@YAXXZ
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
wcscat
_adjust_fdiv
??1type_info@@UAE@XZ
wcslen

untfs

Format
Chkdsk
Recover
FormatEx
Extend
ChkdskEx

ole32

CoTaskMemRealloc
CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

netshell

HrGetIconFromMediaType

gdi32

SetBkMode

Sections

text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f65429abf720795fd8c8afb3ee85995

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

kernel32

rpcrt4

shell32

msvcrt

untfs

ole32

netshell

gdi32

Sections

text Size: 87KB - Virtual size: 86KB

.rdata Size: 188KB - Virtual size: 187KB

.rsrc Size: 11KB - Virtual size: 10KB

text
Size: 87KB - Virtual size: 86KB

.rdata
Size: 188KB - Virtual size: 187KB

.rsrc
Size: 11KB - Virtual size: 10KB