3230e49dc7cb36a3c3d58741c533fd3728ea03711caadba694bfcbeef84b1d84

Sharing

Copy URL

Twitter E-mail

General

Target

3230e49dc7cb36a3c3d58741c533fd3728ea03711caadba694bfcbeef84b1d84
Size

463KB
MD5

6cf43436bafedf00db4072069a1c0670
SHA1

c05aa1fd10aa994a126b1b561d15a8150a5fdcb9
SHA256

3230e49dc7cb36a3c3d58741c533fd3728ea03711caadba694bfcbeef84b1d84
SHA512

9f5a536cfea976ea2c35717b50a75e1201a23cc45606b9b44520dfb6138af8ab54710c27eecb4c1d57b5e0d09dc41c5a0e96b19ac97938627727e1f1d87ffd25
SSDEEP

12288:NkQDI/lAVmFLnyPSu+MolufzyAlqcAi1ep:Nk8ItAwn6Su+Flkl71g

Score

N/A

Malware Config

Signatures

Files

3230e49dc7cb36a3c3d58741c533fd3728ea03711caadba694bfcbeef84b1d84
.exe windows x86

de6898b344087a938c08960af46bd86d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageW
GetDlgItem
SetWindowTextW
wvsprintfW
LoadIconW
DestroyIcon
CallNextHookEx
SetWindowsHookExW
MessageBoxIndirectW
UnhookWindowsHookEx
GetKeyState
MessageBoxA
GetPropW
DefWindowProcW
DrawIconEx
RemovePropW
SetWindowLongW
SetPropW
GetClassNameW
GetWindow
SetFocus
ScreenToClient
GetDlgItemTextW
EndDialog
ShowWindow
EnableWindow
GetWindowRect
CreateWindowExW
GetWindowDC
DrawTextW
ReleaseDC
GetSystemMenu
SetDlgItemTextW
SetWindowPos
GetClientRect
GetDesktopWindow
AdjustWindowRectEx

shell32

ShellExecuteA
SHBrowseForFolderA
Shell_NotifyIconA
SHGetPathFromIDListA
SHGetMalloc

advapi32

RegQueryValueA
RegOpenKeyExA
RegCloseKey

comctl32

ImageList_Add

kernel32

WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetLocaleInfoW
HeapSize
LCMapStringW
LCMapStringA
LoadLibraryA
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RaiseException
GetModuleHandleA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
CreateFileA
RtlUnwind
HeapCreate
VirtualAlloc
GlobalMemoryStatusEx
GetThreadTimes
EnumCalendarInfoA
SetConsoleOutputCP
GetPrivateProfileStringA
WideCharToMultiByte
HeapAlloc
InterlockedIncrement
InterlockedDecrement
GetLocalTime
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
HeapReAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetLastError
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetACP
GetOEMCP
IsValidCodePage

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 26.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de6898b344087a938c08960af46bd86d

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

advapi32

comctl32

kernel32

Sections

.text Size: 193KB - Virtual size: 193KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 6KB - Virtual size: 26.9MB

.rsrc Size: 244KB - Virtual size: 243KB

.text
Size: 193KB - Virtual size: 193KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 6KB - Virtual size: 26.9MB

.rsrc
Size: 244KB - Virtual size: 243KB