a6fa3907adb77e3a3cdc96b23213637f09df71c07eade495b0f3da3251c8e1c6

General

Target

a6fa3907adb77e3a3cdc96b23213637f09df71c07eade495b0f3da3251c8e1c6
Size

224KB
MD5

6a8c26d14df4f6dba29c0149a6b84930
SHA1

1573ecb8c04a03c1135735fa4c15afc742bf455c
SHA256

a6fa3907adb77e3a3cdc96b23213637f09df71c07eade495b0f3da3251c8e1c6
SHA512

2312fb8c4aee43c1eec63130508898a59672f138a304aae4ef56fcacf61c28913938c3355706d8b29723dc6b2352a6368ddc95977c4fbcab0fb833f376a523b5
SSDEEP

3072:VFeTWymtsS/C65/f3CrMqjc7ojP9jirqX4qSwutrCEcBKVy:Omtn/CMQj9PgfqujP

Score

N/A

Malware Config

Signatures

Files

a6fa3907adb77e3a3cdc96b23213637f09df71c07eade495b0f3da3251c8e1c6
.exe windows x86

db6f94ffca2efc95432f7837f1a3b6ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSLogoffSession
WTSSendMessageA
WTSVirtualChannelPurgeInput
WTSRegisterSessionNotification
WTSQuerySessionInformationA
WTSVirtualChannelRead
WTSQueryUserToken
WTSSetUserConfigW
WTSVirtualChannelOpen
WTSUnRegisterSessionNotification
WTSFreeMemory

uxtheme

GetThemeBool
GetThemeTextExtent
CloseThemeData
GetWindowTheme
GetThemeFilename
DrawThemeEdge
GetThemeRect
GetThemeColor
SetWindowTheme
DrawThemeBackground
IsThemeActive
GetThemeTextMetrics
GetThemeInt

user32

DispatchMessageW
GetDlgItemTextW
CreateDesktopW
PeekMessageW
CharToOemA
FlashWindow
DrawStateA
GetClassLongA
InsertMenuA
LoadBitmapA
PostMessageW
LoadCursorA
LoadIconA
IsDialogMessageW

cfgmgr32

CM_Add_IDA
CMP_Report_LogOn

kernel32

lstrcpynA
GetCurrentDirectoryA
CompareStringA
GetModuleHandleA
GetProcessId
HeapSize
Sleep
GetDriveTypeA
SetEnvironmentVariableW
SetCurrentDirectoryW
GetNumberFormatW
VirtualProtect
CreateNamedPipeA
CreateDirectoryA
GetConsoleAliasW
LoadLibraryW

resutils

ClusWorkerStart
ClusWorkerTerminate
ClusWorkerCreate
ResUtilGetBinaryValue

msimg32

vSetDdrawflag
AlphaBlend

dbnmpntw

ConnectionError
ConnectionWrite

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db6f94ffca2efc95432f7837f1a3b6ee

Headers

DLL Characteristics

File Characteristics

Imports

wtsapi32

uxtheme

user32

cfgmgr32

kernel32

resutils

msimg32

dbnmpntw

Sections

.text Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 172KB - Virtual size: 169KB

.text
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 172KB - Virtual size: 169KB