47548dc261351f7d453c7c8354dce9fa5507e102b2dea82b4e136cbb594d524f

Sharing

Copy URL Twitter E-mail

General

Target

47548dc261351f7d453c7c8354dce9fa5507e102b2dea82b4e136cbb594d524f
Size

455KB
MD5

3a9e3f2f68b904758da0aab8a8f6a600
SHA1

57b6879ca5a4cc7523bef945c9b43d49fd77d93d
SHA256

47548dc261351f7d453c7c8354dce9fa5507e102b2dea82b4e136cbb594d524f
SHA512

dd692e63f3cb29602c26e90a46c1f19fb234290dc8f3fb0e03c89ab91debb28316bd3d854e7760e25b648add45d3a8eea1080da76600b8084480657d17b11721
SSDEEP

12288:vKWRlHtCFilktvxCDcph+DHiAayB9Nf7H:18YKKcrVK9Nz

Score

N/A

Malware Config

Signatures

Files

47548dc261351f7d453c7c8354dce9fa5507e102b2dea82b4e136cbb594d524f
.exe windows x86

81af4b3171874fb086d1d1cc539da6c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Destroy
ImageList_GetIconSize
CreatePropertySheetPageW
ImageList_Draw
InitCommonControlsEx
PropertySheetW
CreateToolbarEx

shell32

Shell_NotifyIconW
SHGetFileInfoW

advapi32

RegQueryValueExA
RegDeleteKeyA
RegSetValueExA
CryptAcquireContextA
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegEnumValueA
RegCreateKeyExA
RegDeleteValueA
CryptSetProviderA
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
CryptSignHashA
RegEnumValueW
RegQueryInfoKeyA
RegEnumKeyExA
CryptVerifySignatureA
RegDeleteValueW

kernel32

FreeEnvironmentStringsW
GetFileTime
GlobalFlags
InterlockedIncrement
TerminateProcess
IsDebuggerPresent
Sleep
VirtualFree
SetUnhandledExceptionFilter
LockResource
lstrcmpA
DeleteCriticalSection
GetVersion
GetEnvironmentStrings
GetModuleFileNameW
DuplicateHandle
SetEvent
GetFileSize
LocalAlloc
FileTimeToLocalFileTime
GlobalLock
MoveFileW
MulDiv
SetLastError
GetModuleHandleA
CreateEventW
GetCurrentThreadId
InterlockedExchange
FindClose
ExitThread
LCMapStringW
TlsSetValue
FlushFileBuffers
TlsFree
lstrlenW
CopyFileW
GlobalFindAtomW
GlobalGetAtomNameW
GetAtomNameW
GetStdHandle
LCMapStringA
SetFileAttributesW
GetShortPathNameW
SuspendThread
GetFullPathNameW
SetEndOfFile
LoadLibraryA
SetFilePointer
LocalFileTimeToFileTime
SetErrorMode
GetPrivateProfileIntW
LoadResource
LeaveCriticalSection
FindNextFileW
EnumResourceLanguagesW
GetVersionExW
TlsGetValue
CompareStringW
FileTimeToSystemTime
GetProcessHeap
InterlockedDecrement
HeapAlloc
GetLastError
GetEnvironmentStringsW
DeleteFileW
GlobalUnlock
GetPrivateProfileStringW
GetStringTypeExW
SetFileTime
FindResourceW
GetVersionExA
GetVolumeInformationW
HeapCreate
WideCharToMultiByte
SetCurrentDirectoryA
CreateThread
GetUserDefaultLCID
ConvertDefaultLocale
SystemTimeToFileTime
SetThreadPriority
EnterCriticalSection
FreeEnvironmentStringsA
GetStartupInfoW
HeapSize
GetCommandLineA
GetThreadLocale
RaiseException
FreeResource
GetOEMCP
GetCPInfo
GetFileAttributesW
WritePrivateProfileStringW
HeapFree
TlsAlloc
lstrcmpW
GetSystemInfo
IsValidCodePage
GlobalReAlloc
FormatMessageW
CreateProcessW
FatalAppExitA
SetHandleCount
GetACP
GlobalHandle
GetCurrentProcess
GetFileAttributesA
WaitForSingleObject
RtlUnwind
GetCommandLineW
CloseHandle
LocalReAlloc
VirtualAlloc
GlobalAddAtomW
lstrcpyA
InitializeCriticalSection
ResumeThread
CompareStringA
GetDriveTypeW
ReadFile
GlobalFree
GetCurrentProcessId
GlobalAlloc
FindFirstFileW
ExitProcess
ResetEvent
lstrcmpiW
GetLocaleInfoW
UnlockFile
GlobalSize
HeapReAlloc
GetCurrentDirectoryA
HeapDestroy
SizeofResource
WriteFile
GlobalDeleteAtom
LockFile
lstrlenA
CreateFileW
UnhandledExceptionFilter
GetCurrentThread

rpcrt4

RpcBindingFromStringBindingW
RpcRevertToSelf

comdlg32

GetOpenFileNameA
PrintDlgA

crypt32

CryptUnprotectData
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CertOpenStore

dnsapi

DnsApiFree
DnsValidateName_W
DnsApiAlloc

ws2_32

WSAAddressToStringW
WSALookupServiceNextW
WSASendTo
getnameinfo
WSALookupServiceEnd
freeaddrinfo
getaddrinfo
WSALookupServiceBeginW
WSARecvFrom
WSAEventSelect
WSAStringToAddressA
WSAIoctl
WSASocketW
WSAAddressToStringA

msvcrt

sprintf
atol
wcschr
_ultoa
_ltow
_wcsnicmp
qsort
free
_itow
_except_handler3
wcslen
wcscpy
__dllonexit
_onexit
_wcsicmp
memmove
malloc
isdigit
bsearch
wcscmp
_initterm
_adjust_fdiv
strncpy
isxdigit
_snwprintf

Sections

.data
Size: 344KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81af4b3171874fb086d1d1cc539da6c4

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

shell32

advapi32

kernel32

rpcrt4

comdlg32

crypt32

dnsapi

ws2_32

msvcrt

Sections

.data Size: 344KB - Virtual size: 1.8MB

.rsrc Size: 16KB - Virtual size: 15KB

.rdata Size: 15KB - Virtual size: 14KB

.text Size: 79KB - Virtual size: 78KB

.data
Size: 344KB - Virtual size: 1.8MB

.rsrc
Size: 16KB - Virtual size: 15KB

.rdata
Size: 15KB - Virtual size: 14KB

.text
Size: 79KB - Virtual size: 78KB