51f7cda1c59bad62abc5d046c618719293e44a6fb29ad1df13165b481b8eb465

General

Target

51f7cda1c59bad62abc5d046c618719293e44a6fb29ad1df13165b481b8eb465
Size

642KB
MD5

5b20210f00e3ca39d7af9e9aa68ff590
SHA1

5de8669ee4e606b520b57204061cb712c6c81fa7
SHA256

51f7cda1c59bad62abc5d046c618719293e44a6fb29ad1df13165b481b8eb465
SHA512

d22e0858b6a81e34bb8679bd71101a4ee4f8eada10f09c830becfbc6c85b37a1a22b1692cd5346af0194c4a35a523383fa52949768b02e700c98d7a03cf0573a
SSDEEP

12288:Tr1ShVjNPd1j/GoMVVYbR2wJrRLFAXuZ0C7gAlmuy9:uVZd9G9VWlnJrRLFA+Z0ylmu

Score

N/A

Malware Config

Signatures

Files

51f7cda1c59bad62abc5d046c618719293e44a6fb29ad1df13165b481b8eb465
.exe windows x86

8faa56d3dc03118a5977795d31fd3db7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ImageList_Draw
ImageList_SetDragCursorImage
ImageList_Create
ImageList_SetOverlayImage
CreatePropertySheetPageA

advapi32

RegSetValueA
RegQueryMultipleValuesA
GetLengthSid
RevertToSelf
AreAllAccessesGranted
GetTokenInformation
CryptImportKey
LsaCreateAccount
RegQueryInfoKeyA
GetSidIdentifierAuthority
ControlService
CryptCreateHash
RegisterTraceGuidsW

kernel32

GetModuleFileNameA
GetCommandLineW
GetFileTime
GetExitCodeThread
EnumResourceTypesA
lstrcpyA
SetLastError
FindFirstVolumeMountPointW
VirtualAlloc
InterlockedExchange
HeapCreate
IsProcessorFeaturePresent
OpenJobObjectW

tapi32

lineInitialize
lineMakeCallA
phoneGetDevCapsW
lineOpenW
tapiGetLocationInfoW

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 585KB - Virtual size: 962KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 114B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 134B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8faa56d3dc03118a5977795d31fd3db7

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

advapi32

kernel32

tapi32

Sections

.text Size: 14KB - Virtual size: 13KB

.edata Size: 585KB - Virtual size: 962KB

.data Size: 1024B - Virtual size: 114B

.data Size: 1024B - Virtual size: 134B

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 1024B - Virtual size: 136B

.text
Size: 14KB - Virtual size: 13KB

.edata
Size: 585KB - Virtual size: 962KB

.data
Size: 1024B - Virtual size: 114B

.data
Size: 1024B - Virtual size: 134B

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 1024B - Virtual size: 136B