e7901f8e11385cff96d1d14f654c1295603e13e8a0a891a1be6153b5b24c0b7a

Sharing

Copy URL Twitter E-mail

General

Target

e7901f8e11385cff96d1d14f654c1295603e13e8a0a891a1be6153b5b24c0b7a
Size

124KB
MD5

4b7e9fc2b7128f85bac507880d54dd50
SHA1

f4eab496577743f0d47e0ae3dba29e4b0c32cbb4
SHA256

e7901f8e11385cff96d1d14f654c1295603e13e8a0a891a1be6153b5b24c0b7a
SHA512

ff6699fb4d749b7bdcd71db931e01a2bf54c4b26848988b6c376802a2a4e305a28fe7bf6b427a7e8e636f0032c4e77b5c1c4b8ffc2e3aa37d302fe059f05a78a
SSDEEP

3072:SV8Y2OFOnmNiuzg+SPdiQah05cKTUUFDLOtuxzBw:WzCiQn5dnetO

Score

N/A

Malware Config

Signatures

Files

e7901f8e11385cff96d1d14f654c1295603e13e8a0a891a1be6153b5b24c0b7a
.exe windows x86

702e61ecb9d31def84cd05854512d0d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
GetDlgCtrlID
GetDlgItemTextA
GetDlgItemInt
CascadeWindows
IsWindowVisible
GetDlgItem
IsDialogMessageA
GetSysColor

advapi32

RegNotifyChangeKeyValue
OpenBackupEventLogW
RegReplaceKeyA
RegUnLoadKeyA
RegQueryValueExA
RegSetValueExA
RegisterEventSourceA
RegDeleteKeyA

kernel32

WritePrivateProfileSectionA
GetModuleHandleA
GetProcAddress
Sleep
VirtualAllocEx
GetModuleHandleW
LCMapStringW
HeapAlloc
GetCurrentDirectoryW
CreateFileA
WritePrivateProfileStructA
WriteConsoleW
IsProcessorFeaturePresent
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetDriveTypeW
GetProfileSectionA
LoadLibraryW
HeapReAlloc
CreateFileW
SetEndOfFile
GetProcessHeap
CloseHandle
GetFullPathNameA
GetLastError
HeapFree
HeapSize
GetStringTypeW
GetFileAttributesA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
MultiByteToWideChar
ReadFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
HeapCreate
FlushFileBuffers

netapi32

NetErrorLogClear
NetAuditWrite
NetConfigGet
NetErrorLogRead
NetGroupAddUser
NetAuditRead
Netbios
NetFileGetInfo
NetConfigGetAll
NetFileClose
NetGetJoinableOUs

usp10

ScriptStringAnalyse
ScriptGetLogicalWidths
ScriptItemize
ScriptLayout
ScriptIsComplex
ScriptGetFontProperties
ScriptString_pSize

ws2_32

ioctlsocket
bind
gethostbyaddr
htonl
htons
getprotobyname
inet_addr
closesocket
listen
select
getservbyport
gethostname
getsockname
setsockopt
getsockopt

comdlg32

GetSaveFileNameW
ChooseColorW
GetOpenFileNameA
PageSetupDlgA
PrintDlgA
GetOpenFileNameW
ChooseFontW
ChooseColorA
GetFileTitleW
FindTextW
CommDlgExtendedError

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

702e61ecb9d31def84cd05854512d0d7

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

kernel32

netapi32

usp10

ws2_32

comdlg32

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 19KB - Virtual size: 27KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 19KB - Virtual size: 27KB

.rsrc
Size: 23KB - Virtual size: 22KB