9e1810f6315bf4064e20d6d345a096b2b2f6be469c939c2cc06836ec61189e76

Sharing

Copy URL Twitter E-mail

General

Target

9e1810f6315bf4064e20d6d345a096b2b2f6be469c939c2cc06836ec61189e76
Size

830KB
MD5

01d4455d32a26acdd2a12ba36001bf6a
SHA1

4a8bc61b20227e53698b692ed9ddbc07e49a1562
SHA256

9e1810f6315bf4064e20d6d345a096b2b2f6be469c939c2cc06836ec61189e76
SHA512

6b82b88c65fd896afa46516943191361d545344cdca47214b53f09a03e250bb34a8f203c3e07207e6f78dc45ef4bab7e97a0e5b654bced680419037016178a0f
SSDEEP

24576:Re7YWFT1oV1FshVNOI9KvocpspWhFF1u:RGdW+gN6pW/u

Score

N/A

Malware Config

Signatures

Files

9e1810f6315bf4064e20d6d345a096b2b2f6be469c939c2cc06836ec61189e76
.exe windows x86

60159ca115fac328e053c3235fad8482

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveBackslashA
ColorHLSToRGB
PathMatchSpecW
PathSetDlgItemPathW
SHRegSetPathW
SHSetValueA
PathGetDriveNumberA
UrlIsNoHistoryW
SHOpenRegStream2A
UrlCompareW
PathIsDirectoryA
PathIsUNCServerShareA
SHLoadIndirectString
SHRegEnumUSValueA
StrFormatByteSizeW

user32

RecordShutdownReason
KillTimer
SetMenuContextHelpId
MonitorFromPoint
CreateMDIWindowA
EnumPropsExA
DdeEnableCallback
SetClassLongW
GetClassInfoW
GetTaskmanWindow
UnregisterHotKey
EnumWindows
BuildReasonArray
DdeAddData
GetKeyNameTextA
TranslateMessageEx
GetWindowLongW
PrivateExtractIconExA
TranslateMessage
DefMDIChildProcW
ShowCursor
SetSystemMenu
LoadMenuIndirectA
CreateWindowExW
MapVirtualKeyExA
DispatchMessageA
EnumWindowStationsA
CtxInitUser32
EnumDisplayDevicesA
InvalidateRect
GetMenuItemID
SetMessageQueue
GetMenuItemInfoA
RealGetWindowClassW
ChangeMenuA
GetMenuItemRect
RedrawWindow

gdi32

CreateRectRgn
GetCharABCWidthsA
StartDocA
DdEntry44
GdiGetDC
EngGetDriverName
SetMetaRgn
EngDeleteClip

kernel32

ClearCommBreak
GetSystemTimeAsFileTime
GetACP
IsValidLocale
CreateMutexA
IsBadCodePtr
AddConsoleAliasW
LoadLibraryA
GetCurrentProcess
GlobalAlloc

rasman

RasSecurityDialogGetInfo
RasSendCreds
RasRpcGetVersion
RasAddNotification
RasRpcConnect

Sections

.text
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60159ca115fac328e053c3235fad8482

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

user32

gdi32

kernel32

rasman

Sections

.text Size: 404KB - Virtual size: 403KB

.rdata Size: 89KB - Virtual size: 88KB

.data Size: 181KB - Virtual size: 1.6MB

.rsrc Size: 154KB - Virtual size: 153KB

.reloc Size: 1024B - Virtual size: 976B

.text
Size: 404KB - Virtual size: 403KB

.rdata
Size: 89KB - Virtual size: 88KB

.data
Size: 181KB - Virtual size: 1.6MB

.rsrc
Size: 154KB - Virtual size: 153KB

.reloc
Size: 1024B - Virtual size: 976B