7173c1f697d7ace12cf248aebaba67dbe4b0585fc48d68d95060d000611522e5

Sharing

Copy URL

Twitter E-mail

General

Target

7173c1f697d7ace12cf248aebaba67dbe4b0585fc48d68d95060d000611522e5
Size

128KB
MD5

6c41af7c104c25dc3e1969890444d32c
SHA1

50c29a13f643f235b6205edec814d767c04a6ecc
SHA256

7173c1f697d7ace12cf248aebaba67dbe4b0585fc48d68d95060d000611522e5
SHA512

9a7d47e5a4fcbc2e335431b35c56c20c9d8593619e8a8da8eeef96b186e52d24afd8655d16d0dde706376826e0baebbee1e891ec218a01023b1d2e9eb478b685
SSDEEP

3072:leIBRGdZna55/6zho2frq/oUqQHyHJBQOCWazuFErf:gURG7na5szhLzq/5uJ/n5E

Score

N/A

Malware Config

Signatures

Files

7173c1f697d7ace12cf248aebaba67dbe4b0585fc48d68d95060d000611522e5
.exe windows x86

617138cbbeff003741e8ca4c4d598c49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

CreateStubFromTypeInfo
NdrByteCountPointerUnmarshall
NdrAsyncServerCall
CStdStubBuffer_CountRefs
DceErrorInqTextW
NDRCContextMarshall
MesDecodeIncrementalHandleCreate
DllRegisterServer
NdrByteCountPointerBufferSize
NDRSContextMarshall
NdrClientInitialize
NDRCContextBinding
NDRSContextMarshallEx
MesBufferHandleReset
NdrAllocate
NdrAsyncClientCall
MesEncodeFixedBufferHandleCreate
MesInqProcEncodingId
NdrByteCountPointerFree
MesIncrementalHandleReset
MesHandleFree
NDRcopy
DllGetClassObject

crypt32

CertControlStore

user32

EnableWindow
GetClientRect
GetWindowRect
GetSystemMetrics
ReleaseDC
EndDialog
GetDlgItem
MessageBoxA
ShowWindow
GetDC
TranslateMessage
LoadStringW

gdi32

RestoreDC
GetDeviceCaps
GetTextExtentPointA
GetObjectA
SelectClipRgn
CreateCompatibleDC
MoveToEx
CreateSolidBrush
SelectObject
GetStockObject
BitBlt
DeleteDC
CreatePalette
SetBkColor
CreateFontIndirectA
LineTo
CreateRectRgn
UnrealizeObject
GetSystemPaletteEntries
SaveDC
GetTextMetricsA
SetTextColor
CreateDIBitmap
RealizePalette
SelectPalette
CreatePen

oleacc

DllCanUnloadNow
GetOleaccVersionInfo
IID_IAccessible
GetRoleTextW
GetStateTextW
CreateStdAccessibleObject
AccessibleObjectFromWindow
CreateStdAccessibleProxyW
GetStateTextA
AccessibleObjectFromPoint
CreateStdAccessibleProxyA
AccessibleChildren
LIBID_Accessibility
IID_IAccessibleHandler
DllUnregisterServer
AccessibleObjectFromEvent
GetRoleTextA
LresultFromObject
WindowFromAccessibleObject
ObjectFromLresult
DllGetClassObject

ole32

CoCreateInstance
CLIPFORMAT_UserUnmarshal
CoBuildVersion
CLIPFORMAT_UserFree
CoAddRefServerProcess
OleSetClipboard
CoCopyProxy
CoCreateObjectInContext
CoCreateInstanceEx
BindMoniker
CLSIDFromProgID
CoCreateFreeThreadedMarshaler
OleInitialize
CoDeactivateObject
CoCancelCall
CoAllowSetForegroundWindow
CLSIDFromProgIDEx
OleGetClipboard
CoDisableCallCancellation
CLIPFORMAT_UserSize

msvcrt

_local_unwind2
_iob
_adjust_fdiv
wcsncpy
realloc
strtol
_except_handler3
_wtoi
_onexit
fwrite
_snwprintf
wcsncmp
_initterm
_ftol
wcscmp
_wcsicmp
swprintf
_strnicmp
wcscpy
__dllonexit
wcslen
_itow
malloc

version

VerLanguageNameA
GetFileVersionInfoSizeW

ws2_32

connect
send
WSAGetLastError
socket
accept
recv
WSACleanup

kernel32

GetFileAttributesA
FlushConsoleInputBuffer
RaiseException
LoadLibraryExA
FindClose
GetLogicalDrives
SetEndOfFile
WaitForSingleObject
ReadConsoleInputW
GlobalMemoryStatus
SetErrorMode
GetCurrentProcessId
CopyFileA
GetConsoleMode
CompareStringA
ReadConsoleA
GetFullPathNameA
GetVersionExA
GetEnvironmentVariableA
lstrcmpiA
InterlockedIncrement
SetConsoleCursorInfo
RemoveDirectoryA
CreateMutexA
GetFileInformationByHandle
SetConsoleOutputCP
FileTimeToLocalFileTime
SearchPathA
GetLargestConsoleWindowSize
GetDiskFreeSpaceA
CreateProcessA
CreateFileA
GetComputerNameA
WriteConsoleInputW
ReleaseMutex
ReadConsoleW
DeleteCriticalSection
SetStdHandle
FlushFileBuffers
MoveFileExA
GetVolumeInformationA
GetConsoleOutputCP
SetConsoleCtrlHandler
FormatMessageA
GetModuleFileNameA
SetLastError
GetLocaleInfoA
WriteFile
FindFirstChangeNotificationA
ReadConsoleOutputA
ReadConsoleOutputW
GetTickCount
IsBadWritePtr
EnterCriticalSection
SetConsoleWindowInfo
UnmapViewOfFile
AllocConsole
GetConsoleCP
SetConsoleTitleA
LoadLibraryA
GetFileSize
GetFileType
LocalFileTimeToFileTime
SystemTimeToFileTime
GetNumberFormatA
SetFileTime
GetCompressedFileSizeA
MoveFileA
ReadFile
LeaveCriticalSection
GetSystemTime
GetShortPathNameA
GetLastError
SetConsoleCP
FindNextFileA
WriteConsoleOutputW
TerminateProcess
VirtualAlloc
SetFileApisToANSI
CreateDirectoryA
SetConsoleMode
SetConsoleTextAttribute
DeleteFileA
PeekConsoleInputA
ExpandEnvironmentStringsA
GetConsoleScreenBufferInfo
CreateFileMappingA
BackupWrite
GetStdHandle
GetSystemTimeAsFileTime
GetFileTime
GetConsoleCursorInfo
FreeLibrary
GetCurrentThreadId
SetFileApisToOEM
FindFirstFileA
IsBadCodePtr
WriteConsoleOutputA
IsBadReadPtr
SetConsoleScreenBufferSize
InterlockedDecrement
FreeConsole
SetCurrentDirectoryA
FileTimeToDosDateTime
SetConsoleCursorPosition
DefineDosDeviceA
SetFilePointer
GetCurrentDirectoryA
PeekConsoleInputW
ReadConsoleInputA
QueryDosDeviceA
SetEnvironmentVariableA
WaitForMultipleObjects
FindCloseChangeNotification
OpenProcess
SetConsoleActiveScreenBuffer
InitializeCriticalSection
GetModuleHandleA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

617138cbbeff003741e8ca4c4d598c49

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

crypt32

user32

gdi32

oleacc

ole32

msvcrt

version

ws2_32

kernel32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 108KB - Virtual size: 112KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 108KB - Virtual size: 112KB

.rsrc
Size: 8KB - Virtual size: 8KB