024a00dfcd493ba34b3f48d4abdb116241221f47aa239c3f148f0d204956a61e

Sharing

Copy URL

Twitter E-mail

General

Target

024a00dfcd493ba34b3f48d4abdb116241221f47aa239c3f148f0d204956a61e
Size

312KB
MD5

6f07a0c8579eb48281cb59b3655276d0
SHA1

1c29e8d76504d0765e31c5f827daad55092dd1b7
SHA256

024a00dfcd493ba34b3f48d4abdb116241221f47aa239c3f148f0d204956a61e
SHA512

4cbf7c9b9ca11aeb185e6a20855fb40da1e421169ac86ca2b53a7763f211af2ff24ef67ec3dfb19b247c100baa504698e3232e2827a91cf99f30ba3b1a2bcbee
SSDEEP

6144:Xth1hCXmVop0n2hhz1Ruq9mySXg+GK1oi3DqHnFtsbk1JBNT7DWp:b1YmVAH5Eq9mySw+hqHnF2Qn7DWp

Score

N/A

Malware Config

Signatures

Files

024a00dfcd493ba34b3f48d4abdb116241221f47aa239c3f148f0d204956a61e
.exe windows x86

f803004fc1c944f66379125a1a1265f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageW
lstrcmpiW
QueryPerformanceCounter
HeapAlloc
OutputDebugStringA
lstrcpynW
SetUnhandledExceptionFilter
SizeofResource
InterlockedDecrement
LoadLibraryA
lstrlenA
LoadResource
LeaveCriticalSection
GetModuleFileNameW
FlushInstructionCache
EnterCriticalSection
RemoveDirectoryA
FindResourceW
HeapDestroy
DeleteCriticalSection
FreeLibrary
GetEnvironmentStringsA
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatW
lstrcpyW
GetTickCount
SetLastError
GetCurrentProcess
GetProcAddress
lstrlenW
LocalFree
InterlockedIncrement
GetSystemInfo
MultiByteToWideChar
HeapFree
GetProcessHeap
GetLastError
GetUserDefaultLCID
VirtualFree

user32

MapWindowPoints
SetWindowPos
SendDlgItemMessageW
SendMessageW
GetWindow
GetSystemMetrics
LoadImageW
CreateDialogParamW
SetDlgItemTextW
GetDialogBaseUnits
GetClientRect
LoadStringW
EnableWindow
CopyRect
SetWindowLongW
SystemParametersInfoW
GetWindowLongW
GetDlgItem
DestroyWindow
GetDlgItemTextW
SetWindowTextW
MessageBoxW
DrawTextW
DialogBoxParamW
EndDialog
GetWindowRect
SetFocus
ShowWindow
CharNextW
GetParent

rpcrt4

CStdStubBuffer_Disconnect
NdrDllCanUnloadNow
CStdStubBuffer_CountRefs
IUnknown_QueryInterface_Proxy
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
CStdStubBuffer_QueryInterface
IUnknown_AddRef_Proxy
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
NdrDllUnregisterProxy
IUnknown_Release_Proxy
NdrOleAllocate
NdrDllRegisterProxy
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
NdrDllGetClassObject
CStdStubBuffer_AddRef

msvcrt

_adjust_fdiv
_except_handler3
malloc
??2@YAPAXI@Z
wcscat
swprintf
?terminate@@YAXXZ
free
??3@YAXPAX@Z
wcslen
??1type_info@@UAE@XZ
_initterm
wcsncpy
wcscmp
realloc
__CxxFrameHandler

advapi32

RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
GetTraceEnableLevel
GetTraceLoggerHandle
RegDeleteKeyW
RegDeleteValueW
GetTraceEnableFlags
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegisterTraceGuidsW
UnregisterTraceGuids
TraceMessage

ole32

CoCreateInstance
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc

gdi32

SetBkMode

untfs

Chkdsk
Format
Extend
Recover
ChkdskEx
FormatEx

shell32

ShellExecuteW
SHGetFolderPathW

Sections

text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f803004fc1c944f66379125a1a1265f0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

rpcrt4

msvcrt

advapi32

ole32

gdi32

untfs

shell32

Sections

text Size: 114KB - Virtual size: 113KB

.rdata Size: 170KB - Virtual size: 169KB

.rsrc Size: 26KB - Virtual size: 25KB

text
Size: 114KB - Virtual size: 113KB

.rdata
Size: 170KB - Virtual size: 169KB

.rsrc
Size: 26KB - Virtual size: 25KB