5804cccaea65d9734951e8963fe0ce4fc15c64bef9eb1170cffaa323081bb48d

Sharing

Copy URL Twitter E-mail

General

Target

5804cccaea65d9734951e8963fe0ce4fc15c64bef9eb1170cffaa323081bb48d
Size

276KB
MD5

59945f7c6e39f8930b618e2a9cacc6d0
SHA1

b8c3742e0cedbfae8c4cf9f746450816f6a1fe56
SHA256

5804cccaea65d9734951e8963fe0ce4fc15c64bef9eb1170cffaa323081bb48d
SHA512

846e20e4b47257039f1fe30b3f9228f51491b43d5dd8ab01ccee67877003c69e134db6d84a437fcbeaa39c21764e195e9ad64188a2e2d5f40e5550516d3f4b65
SSDEEP

6144:Sa74XuNCgyO4gdt/N3rfGbGbDQel/sopXOlePYqgwXoc536D:Spu97luGbDZ/soXWejgWU

Score

N/A

Malware Config

Signatures

Files

5804cccaea65d9734951e8963fe0ce4fc15c64bef9eb1170cffaa323081bb48d
.exe windows x86

a205fa0ea734b0e21d1d0e8f3472ad7c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
lstrlenW
GetLastError
FlushInstructionCache
LoadLibraryA
SizeofResource
LoadLibraryExW
HeapAlloc
GetUserDefaultLCID
InterlockedIncrement
QueryPerformanceCounter
HeapDestroy
GetProcAddress
FreeLibrary
lstrlenA
GetSystemInfo
GetEnvironmentStringsA
GetCurrentProcess
VirtualFree
OutputDebugStringA
FormatMessageW
lstrcpynW
InterlockedDecrement
SetLastError
GetCurrentProcessId
LoadResource
lstrcmpiW
LeaveCriticalSection
GetSystemTimeAsFileTime
GetTickCount
HeapFree
DeleteCriticalSection
lstrcatW
MultiByteToWideChar
GetModuleFileNameW
EnterCriticalSection
lstrcpyW
LocalFree
SetUnhandledExceptionFilter
FindResourceW
RemoveDirectoryA

untfs

Format
FormatEx
Chkdsk
Recover
Extend
ChkdskEx

rpcrt4

CStdStubBuffer_Invoke
CStdStubBuffer_QueryInterface
NdrDllGetClassObject
CStdStubBuffer_DebugServerQueryInterface
NdrDllUnregisterProxy
NdrOleFree
NdrOleAllocate
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
CStdStubBuffer_AddRef
NdrDllRegisterProxy
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release

user32

LoadStringW
SetWindowLongW
CopyRect
SetDlgItemTextW
LoadImageW
GetWindowRect
ShowWindow
GetParent
DrawTextW
SendDlgItemMessageW
CharNextW
CreateDialogParamW
GetWindow
EnableWindow
GetClientRect
DestroyWindow
GetWindowLongW
GetDlgItemTextW
MessageBoxW
SystemParametersInfoW
MapWindowPoints
SetWindowPos
SetWindowTextW
GetDialogBaseUnits
DialogBoxParamW
SendMessageW
SetFocus
EndDialog
GetSystemMetrics
GetDlgItem

msvcrt

free
realloc
_except_handler3
?terminate@@YAXXZ
wcsncpy
swprintf
wcscmp
_adjust_fdiv
malloc
_initterm
??2@YAPAXI@Z
??1type_info@@UAE@XZ
wcscat
wcslen
??3@YAXPAX@Z
__CxxFrameHandler

advapi32

TraceMessage
RegDeleteKeyW
RegQueryValueExW
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
RegOpenKeyExW
RegDeleteValueW
GetTraceEnableFlags
RegQueryInfoKeyW
GetTraceEnableLevel
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW

shell32

SHGetFolderPathW
ShellExecuteW

Sections

text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a205fa0ea734b0e21d1d0e8f3472ad7c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

untfs

rpcrt4

user32

msvcrt

advapi32

shell32

Sections

text Size: 110KB - Virtual size: 109KB

.rdata Size: 163KB - Virtual size: 163KB

.rsrc Size: 1024B - Virtual size: 918B

text
Size: 110KB - Virtual size: 109KB

.rdata
Size: 163KB - Virtual size: 163KB

.rsrc
Size: 1024B - Virtual size: 918B