10fcb905c4a9e6f42c1d7cfd799a59a6c53ebad3fdf624b68204079b0a83642b

Sharing

Copy URL Twitter E-mail

General

Target

10fcb905c4a9e6f42c1d7cfd799a59a6c53ebad3fdf624b68204079b0a83642b
Size

463KB
MD5

669bae81604d5fe6225387eabb19b790
SHA1

96627dfd7fea47fca3ef5151ecdfec02003184da
SHA256

10fcb905c4a9e6f42c1d7cfd799a59a6c53ebad3fdf624b68204079b0a83642b
SHA512

56f7e33b523e7f269d7ef0ca011b893ec62283222d71bdbb996ee784c9ec23248cdf6a88ab85c3a6a64e1c4f2a179bd256df82f48c7e45c403b30b24ad088551
SSDEEP

12288:kq66cSdFWoGkXjEi356po1g0IyQhxtuwm9PSyf:kq66aoRXj53Ko+0VQhxtoayf

Score

N/A

Malware Config

Signatures

Files

10fcb905c4a9e6f42c1d7cfd799a59a6c53ebad3fdf624b68204079b0a83642b
.exe windows x86

d92af21f467a097abfd88c2d9b9c88b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
SetEnvironmentVariableA
GetLastError
GetProcessHeap
HeapFree
HeapAlloc
CreateDirectoryW
SetLastError
MapViewOfFile
UnmapViewOfFile
CreateFileW
CreateFileMappingW
OpenFileMappingW
CloseHandle
OutputDebugStringW
GetCommandLineW
GetCurrentProcess
GetModuleHandleW
GetModuleFileNameW
GetTempPathW
GetProcAddress
GetCurrentProcessId
InterlockedIncrement
InterlockedCompareExchange
WideCharToMultiByte
MultiByteToWideChar
CreateProcessW
MoveFileExW
WaitForSingleObject
GlobalAlloc
CopyFileW
GetExitCodeProcess
FileTimeToSystemTime
GlobalFree
GetFileTime
GetCurrentThreadId
DeleteFileW
SetFileAttributesW
SetFilePointer
WriteFile
FormatMessageW
ExitThread
CreateEventW
WaitForMultipleObjects
DuplicateHandle
LocalFree
CreateThread
FindFirstFileW
FindClose
LocalAlloc
FindNextFileW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetSystemDirectoryW
RemoveDirectoryW
CreateMutexW
OpenMutexW
ReleaseMutex
GetFileSize
Sleep
ReadFile
FlushFileBuffers
DeleteFileA
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetFullPathNameW
GetCurrentDirectoryA
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetModuleHandleA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
FreeLibrary
LoadLibraryA
GetConsoleCP
GetConsoleMode
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CompareStringA
CompareStringW

user32

DefWindowProcW
EndPaint
DestroyWindow
GetWindowRect
GetWindowDC
SetForegroundWindow
DialogBoxParamW
GetParent
TrackMouseEvent
GetClientRect
BeginPaint
SystemParametersInfoW
GetForegroundWindow
GetWindowLongW
GetWindowTextW
ReleaseDC
SetWindowLongW
EndDialog
SetWindowPos
CheckDlgButton
IsDlgButtonChecked
CreateWindowExW
MessageBoxW
SendMessageW
CallWindowProcW
GetSystemMetrics
GetDC
InvalidateRect

gdi32

CreateSolidBrush
GetStockObject
SelectObject
DeleteObject
SetBkMode
CreateFontIndirectW
GetTextExtentPoint32W
GetObjectW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

imm32

ImmDisableIME

comctl32

InitCommonControlsEx

advapi32

RegCloseKey
RegEnumKeyW
RegCreateKeyExW
RegQueryValueExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAceEx
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegOpenKeyExW
RegQueryInfoKeyW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteW

Sections

.text
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d92af21f467a097abfd88c2d9b9c88b3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

version

imm32

comctl32

advapi32

shell32

Sections

.text Size: 265KB - Virtual size: 265KB

.rdata Size: 83KB - Virtual size: 83KB

.data Size: 17KB - Virtual size: 28KB

.rsrc Size: 91KB - Virtual size: 92KB

.text
Size: 265KB - Virtual size: 265KB

.rdata
Size: 83KB - Virtual size: 83KB

.data
Size: 17KB - Virtual size: 28KB

.rsrc
Size: 91KB - Virtual size: 92KB