d06ad0a09d719174c0b60108a7e0cd9526f60e1f64f1570b7c4f82145efc3e4a

Sharing

Copy URL Twitter E-mail

General

Target

d06ad0a09d719174c0b60108a7e0cd9526f60e1f64f1570b7c4f82145efc3e4a
Size

226KB
MD5

6f975d183f1084ba560ce6ac58e435b0
SHA1

7f3fe0e7fc8cd438f2c12454ccbf20b4a77e9df7
SHA256

d06ad0a09d719174c0b60108a7e0cd9526f60e1f64f1570b7c4f82145efc3e4a
SHA512

5be20e9f05730c1314e7ddad295ba2186f1df62b7e7bd3709ba515df867eda2eab7723abe8634627dea2734d643efa20e268f805ace70aa16dfab732addb0c29
SSDEEP

1536:yaxnKufLk8R3cS78lmhwRtSZVWWhKJQUf1PbJd4AEkp0Z0y5mMbcSIQU4Y6SrC8:9kRMhKJdA5kpO0y1IEig8

Score

N/A

Malware Config

Signatures

Files

d06ad0a09d719174c0b60108a7e0cd9526f60e1f64f1570b7c4f82145efc3e4a
.exe windows x86

1e1e8ed323f47eb09d35f5c4bb27a914

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyIcon
LoadCursorA
MoveWindow
SendMessageA
GetDC
GetWindowRect
SetWindowLongA
GetDlgItem
EndDialog
ClientToScreen
CallWindowProcA
GetWindowPlacement
DrawTextA
SetDlgItemTextW
InvalidateRect
LoadIconA
SetWindowPlacement
GetClientRect
SetCursor
SetWindowTextA
GetSystemMetrics
GetSysColor

shell32

ShellExecuteA
SHBrowseForFolderW
SHFileOperationW
CommandLineToArgvW
SHGetPathFromIDListW
SHGetMalloc
ExtractIconExW

ole32

CoInitialize

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
AllocateAndInitializeSid
FreeSid

gdi32

GetObjectA
SelectObject

comctl32

ImageList_Create
InitCommonControlsEx
ImageList_ReplaceIcon

psapi

GetModuleFileNameExW
EnumProcessModules

shlwapi

PathRemoveFileSpecW
wvnsprintfA
PathIsDirectoryW
PathStripPathW
PathFindExtensionW
StrStrA
StrStrW

kernel32

GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
RtlUnwind
HeapReAlloc
HeapAlloc
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
GetStringTypeW
LeaveCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetOEMCP
GetLocaleInfoA
HeapSize
MoveFileExW
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
VirtualFree
HeapCreate
InterlockedDecrement
GetExitCodeProcess
ReleaseMutex
ClearCommBreak
SetHandleInformation
CancelWaitableTimer
GetProcessAffinityMask
DeactivateActCtx
GetFileTime
GetCurrentThread
GetThreadTimes
EncodePointer
GlobalCompact
GetNumaNodeProcessorMask
CancelDeviceWakeupRequest
GlobalUnlock
GetNamedPipeInfo
RequestDeviceWakeup
VirtualAlloc
OpenProcess
ContinueDebugEvent
GetProcessId
ConvertThreadToFiber
SetStdHandle
SetSystemTimeAdjustment
GetNamedPipeHandleStateW
LocalUnlock
LocalShrink
ReleaseSemaphore
FindNextChangeNotification
IsWow64Process
GetCommTimeouts
GlobalUnfix
FlushInstructionCache
PeekNamedPipe
FlushFileBuffers
SetLastError
PulseEvent
GetCurrentProcess
LoadLibraryA
Process32FirstW
Module32NextW
WaitForSingleObject
SetFileAttributesW
CreateRemoteThread
lstrcmpA
VirtualAllocEx
lstrcpyA
GlobalFree
lstrcmpiW
DeleteFileW
FindNextFileW
lstrlenW
CreateFileA
lstrlenA
WriteProcessMemory
ReadFile
QueryDosDeviceA
GlobalAlloc
GlobalLock
CreateThread
GetFileAttributesW
FindClose
lstrcpyW
CloseHandle
VirtualFreeEx
FindFirstFileW
WriteFile
GetCommandLineA
GetStartupInfoA
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e1e8ed323f47eb09d35f5c4bb27a914

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

advapi32

gdi32

comctl32

psapi

shlwapi

kernel32

Sections

.text Size: 75KB - Virtual size: 74KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 116KB - Virtual size: 5.5MB

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 75KB - Virtual size: 74KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 116KB - Virtual size: 5.5MB

.rsrc
Size: 21KB - Virtual size: 21KB