18249f559af27ea874a2d2f6f67550e746f52f9bb424cea961e219da62200c63

General

Target

18249f559af27ea874a2d2f6f67550e746f52f9bb424cea961e219da62200c63
Size

228KB
MD5

66ca95091c820cef0cce747330b7290f
SHA1

66ddc0862fb716f98649f32a6e3d9f52b44e9058
SHA256

18249f559af27ea874a2d2f6f67550e746f52f9bb424cea961e219da62200c63
SHA512

12c43ffaf8a0de985318641499a864118ab347dff0df28c575bfa4f153ef54a3adc567a7064886aed1959ffad8cf68f3b1c4c3755cbab9d2fefab81772dd5a05
SSDEEP

6144:O5vn2uXza3PkVSeWuqqe4VO+gnv7MLAudyDGfQ:OIuXzRVxx7VHgQL7dyK

Score

N/A

Malware Config

Signatures

Files

18249f559af27ea874a2d2f6f67550e746f52f9bb424cea961e219da62200c63
.exe windows x86

0579be7911a867d4dc4ab1da7167c19a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryPoint
DragQueryFileA
ShellMessageBoxA
SHGetDesktopFolder
FindExecutableA
SHGetFileInfoA
DuplicateIcon
SHGetDiskFreeSpaceA
SHFree
SHGetDataFromIDListA
DragFinish

user32

IsZoomed
GetPropW
LoadCursorW
DispatchMessageW
LoadIconA
CharToOemA
LoadMenuW
IsMenu
IsDialogMessageW
LoadBitmapA
PostMessageW
DialogBoxParamA
InsertMenuA
GetDlgItemTextW

wtsapi32

WTSSetSessionInformationW
WTSVirtualChannelWrite
WTSVirtualChannelPurgeInput
WTSRegisterSessionNotification
WTSQuerySessionInformationA
WTSQueryUserToken
WTSEnumerateProcessesA
WTSFreeMemory
WTSVirtualChannelOpen
WTSVirtualChannelRead
WTSOpenServerW
WTSSendMessageA
WTSEnumerateServersA
WTSLogoffSession
WTSEnumerateSessionsW

kernel32

LoadLibraryW
VirtualProtectEx
GetConsoleTitleW
GetModuleHandleA
MapViewOfFile
lstrcpynA
CloseHandle
WaitForSingleObject
CreateFileMappingA
GetLogicalDriveStringsW
GetGeoInfoW
GetNumberFormatW
GetFullPathNameW
GetExitCodeProcess
GetDriveTypeA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0579be7911a867d4dc4ab1da7167c19a

Headers

DLL Characteristics

File Characteristics

Imports

shell32

user32

wtsapi32

kernel32

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 16KB - Virtual size: 14KB

.rsrc Size: 176KB - Virtual size: 174KB

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 176KB - Virtual size: 174KB