e5cdb1c0b7f7c6f52bbd08f922b24a44adb826ab0a55aa54ef7fe184f2959d93

General

Target

e5cdb1c0b7f7c6f52bbd08f922b24a44adb826ab0a55aa54ef7fe184f2959d93
Size

244KB
MD5

6e237e3736e4e2d9762b405ee03d9bdf
SHA1

bec3731e8e31e450644ac87df2bcf86d032578fd
SHA256

e5cdb1c0b7f7c6f52bbd08f922b24a44adb826ab0a55aa54ef7fe184f2959d93
SHA512

ad6116fa24aa7385b320ad07a75ee0f5619fc7eae64331ef263b8498a17081da24c4e0f2dfe0ee4f6b4600afee7814d9b1a334f4b00319dd0903a086e36c50d8
SSDEEP

6144:XQHv1rUeXxNFaatw3L24sCWMb7okJ642:XQBUehN3w3LaCWMfoW6

Score

N/A

Malware Config

Signatures

Files

e5cdb1c0b7f7c6f52bbd08f922b24a44adb826ab0a55aa54ef7fe184f2959d93
.exe windows x86

4421a78c5d8537dfb4c92dd80eb5cdd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

FindExecutableA
SHGetDataFromIDListA
SHChangeNotify
ShellAboutA
DragAcceptFiles
SHGetFileInfoA
SHFree
DragFinish
SHGetMalloc
SHBindToParent
SHCreateShellItem
DuplicateIcon

kernel32

VirtualProtect
CreateFileMappingA
CloseHandle
GetAtomNameA
GetDateFormatW
GetConsoleAliasA
GetModuleHandleA
LoadLibraryA
WaitForSingleObject
FormatMessageA
lstrcpynA
GetProcessId

user32

IsDialogMessageW
wsprintfA
InsertMenuA
LoadIconA
LoadMenuW
FindWindowExW
DrawStateA
CharToOemA
LoadBitmapA
GetPropW
GetDlgItemTextW
DialogBoxParamA
GetClassLongA
FlashWindow
IsZoomed
LoadCursorA

wtsapi32

WTSVirtualChannelQuery
WTSSetSessionInformationW
WTSEnumerateProcessesA
WTSVirtualChannelOpen
WTSWaitSystemEvent
WTSQuerySessionInformationA
WTSSetUserConfigW
WTSEnumerateSessionsW
WTSEnumerateServersA
WTSQueryUserToken
WTSVirtualChannelClose
WTSLogoffSession
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
WTSVirtualChannelWrite
WTSVirtualChannelRead
WTSFreeMemory

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4421a78c5d8537dfb4c92dd80eb5cdd8

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

user32

wtsapi32

Sections

.text Size: 196KB - Virtual size: 195KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 196KB - Virtual size: 195KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 32KB - Virtual size: 29KB