64d1627552c492da25594a8b484dc2c801009755af42db204bf0ab0ba23e61de

General

Target

64d1627552c492da25594a8b484dc2c801009755af42db204bf0ab0ba23e61de
Size

224KB
MD5

60f4be78411f18483b15b9d505991f74
SHA1

a6239940dea18d22f7273d97c50f3596a84bc719
SHA256

64d1627552c492da25594a8b484dc2c801009755af42db204bf0ab0ba23e61de
SHA512

8c76c3d294b174f618697f6c32bdebf95693f196067ff24e942b30a52c1400e29a6d8cafa226bf39a21c838e7ecd81fdb9fc41e26fc660fe0cb0edb5da6c07e0
SSDEEP

3072:DbbjqbxpStJizw2EQRf3fG2QsEZBAlPT0DCHRnrj6pcn:nbWbOJ72EQRnG2HC6louHJP

Score

N/A

Malware Config

Signatures

Files

64d1627552c492da25594a8b484dc2c801009755af42db204bf0ab0ba23e61de
.exe windows x86

100ca6a10b558c7362db0c9a4a3c5481

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

resutils

ClusWorkerTerminate
ResUtilGetBinaryValue
ClusWorkerStart

user32

InsertMenuA
IsDialogMessageW
GetClassLongA
GetPropA
DrawStateA
LoadCursorA
wsprintfA
GetDlgItemTextW
PostMessageW
DispatchMessageW

uxtheme

GetWindowTheme
GetThemeInt
DrawThemeBackground
OpenThemeData
GetThemeRect
IsThemeActive
GetThemeBool
GetThemeTextExtent
CloseThemeData
SetWindowTheme
DrawThemeEdge
GetThemeTextMetrics
GetThemeSysSize

wtsapi32

WTSVirtualChannelRead
WTSVirtualChannelPurgeInput
WTSRegisterSessionNotification
WTSSendMessageA
WTSOpenServerW
WTSLogoffSession
WTSWaitSystemEvent
WTSVirtualChannelOpen
WTSQuerySessionInformationA
WTSEnumerateProcessesA

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Init_Detection
CM_Add_Range
CM_Add_IDA
CMP_Report_LogOn

msimg32

vSetDdrawflag
AlphaBlend
TransparentBlt
DllInitialize
GradientFill

dbnmpntw

ConnectionWrite
ConnectionRead

kernel32

GetCurrentDirectoryA
UpdateResourceW
CreateDirectoryA
lstrcpynA
SetCurrentDirectoryW
GetConsoleTitleW
Sleep
GetCurrentProcess
GetFullPathNameW
VirtualProtect
GetTimeFormatA
GetGeoInfoW
LoadLibraryW
GetModuleHandleA
GetCommandLineA
ReadConsoleA

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

100ca6a10b558c7362db0c9a4a3c5481

Headers

DLL Characteristics

File Characteristics

Imports

resutils

user32

uxtheme

wtsapi32

cfgmgr32

msimg32

dbnmpntw

kernel32

Sections

.text Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 172KB - Virtual size: 169KB

.text
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 172KB - Virtual size: 169KB