dfc5e7d6396e9fda31dda2977d33be072da16bf549bbaa38ece67e7a1c165b26

Sharing

Copy URL Twitter E-mail

General

Target

dfc5e7d6396e9fda31dda2977d33be072da16bf549bbaa38ece67e7a1c165b26
Size

280KB
MD5

6350e5a9fafc4077e35e521577266200
SHA1

3115347743c46556e4a64835600d7b68defa811e
SHA256

dfc5e7d6396e9fda31dda2977d33be072da16bf549bbaa38ece67e7a1c165b26
SHA512

4dc8fb923277de90552146d0ead2d4119db961fa8bc4b1c8f78d2612f6c133cb9e4d9b296cd579e3207cc1819658249744c1fe7e06b0e69fa53da50552cafcab
SSDEEP

6144:vAEtP082pjNBgUcYqbAYfGL+qzN0sJV+qyf1:vAEJ7ScYqMYuL+3YV+3

Score

N/A

Malware Config

Signatures

Files

dfc5e7d6396e9fda31dda2977d33be072da16bf549bbaa38ece67e7a1c165b26
.exe windows x86

9f1a3c789ce1416fd08d37f2e327b29c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrDllUnregisterProxy
NdrOleAllocate
CStdStubBuffer_Disconnect
NdrDllGetClassObject
CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
CStdStubBuffer_Connect
CStdStubBuffer_CountRefs
NdrDllCanUnloadNow
CStdStubBuffer_AddRef
CStdStubBuffer_Invoke
CStdStubBuffer_QueryInterface
NdrCStdStubBuffer_Release
CStdStubBuffer_IsIIDSupported
NdrDllRegisterProxy

user32

MessageBoxW
EnableWindow
GetDialogBaseUnits
SetWindowLongW
GetSystemMetrics
MapWindowPoints
DrawTextW
DialogBoxParamW
SetWindowTextW
CharNextW
SetWindowPos
GetWindowLongW
GetWindow
ShowWindow
LoadStringW
LoadImageW
GetClientRect
GetDlgItemTextW
GetWindowRect
GetParent
SetDlgItemTextW
CreateDialogParamW
SendMessageW
CopyRect
GetDlgItem
SetFocus
SendDlgItemMessageW
SystemParametersInfoW
EndDialog
DestroyWindow

kernel32

GetEnvironmentStringsA
VirtualFree
GetSystemInfo
GetProcAddress
SetUnhandledExceptionFilter
LoadLibraryExW
GetProcessHeap
GetModuleFileNameW
MultiByteToWideChar
lstrcatW
GetCurrentProcess
SizeofResource
HeapFree
InterlockedIncrement
FlushInstructionCache
HeapDestroy
GetTickCount
lstrcpyW
lstrcpynW
DeleteCriticalSection
InterlockedDecrement
SetLastError
lstrcmpiW
QueryPerformanceCounter
GetUserDefaultLCID
FormatMessageW
LocalFree
HeapAlloc
lstrlenA
FreeLibrary
GetCurrentProcessId
OutputDebugStringA
LoadResource
EnterCriticalSection
GetSystemTimeAsFileTime
FindResourceW
lstrlenW
LoadLibraryA
GetLastError
RemoveDirectoryA
LeaveCriticalSection

msvcrt

_adjust_fdiv
malloc
free
wcslen
wcscmp
realloc
??1type_info@@UAE@XZ
swprintf
wcscat
??3@YAXPAX@Z
_except_handler3
__CxxFrameHandler
??2@YAPAXI@Z
_initterm
wcsncpy
?terminate@@YAXXZ

advapi32

GetTraceLoggerHandle
RegSetValueExW
RegOpenKeyExW
TraceMessage
RegQueryValueExW
UnregisterTraceGuids
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
GetTraceEnableFlags
RegEnumKeyExW
RegisterTraceGuidsW
RegQueryInfoKeyW
GetTraceEnableLevel
RegCloseKey

shell32

SHGetFolderPathW
ShellExecuteW

untfs

Extend
ChkdskEx
Recover
FormatEx
Chkdsk
Format

Sections

text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f1a3c789ce1416fd08d37f2e327b29c

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

user32

kernel32

msvcrt

advapi32

shell32

untfs

Sections

text Size: 111KB - Virtual size: 111KB

.rdata Size: 165KB - Virtual size: 165KB

.rsrc Size: 1024B - Virtual size: 918B

text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 165KB - Virtual size: 165KB

.rsrc
Size: 1024B - Virtual size: 918B