62a48cf403acc1082d6b2157fe6af90108fee0bf5a89484196f33305d10730a8

Sharing

Copy URL

Twitter E-mail

General

Target

62a48cf403acc1082d6b2157fe6af90108fee0bf5a89484196f33305d10730a8
Size

203KB
MD5

2c060dbed0de86f9b85f2765418b5630
SHA1

73e4ea0179e8106a29fb74c258949d23a8855efd
SHA256

62a48cf403acc1082d6b2157fe6af90108fee0bf5a89484196f33305d10730a8
SHA512

b42e383dc56113c013ef37fa46e9ae9edb5006d7d36de7d9ad24e4ee17014ff407385c6f1f96d18422231b9a36f6593637c9e91dd6ae43f0c5d2a43f263bd2fb
SSDEEP

3072:v05rVMXQv4ar3sCLHxmZeX+kl6mml/f/K7ZCiEmZyGd1+e:vURvB3si4UnMmml/3KUiEmZyK

Score

N/A

Malware Config

Signatures

Files

62a48cf403acc1082d6b2157fe6af90108fee0bf5a89484196f33305d10730a8
.exe windows x86

d76a5dde23ed604e80c8985677fb6986

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowLongW
ShowWindow
TranslateMessage
PeekMessageW
GetDC
ClientToScreen
EnableWindow
LoadStringW
CheckDlgButton
DestroyWindow
GetClientRect
DefWindowProcW
GetDlgItemInt
InvalidateRect
GetDlgItem
SetDlgItemInt
LoadCursorW
IsRectEmpty
GetAsyncKeyState
CheckRadioButton
SetCursor
ReleaseDC
SendMessageW
IsWindow
CreateDialogParamW
GetWindowRect
SetDlgItemTextW
GetDesktopWindow
DispatchMessageW
MoveWindow
SetWindowLongW
IsWindowVisible

kernel32

GetProcAddress
SetUnhandledExceptionFilter
lstrcpyA
GlobalUnlock
GetProfileIntA
GetSystemTimeAsFileTime
GetDiskFreeSpaceW
lstrcmpW
GetFileSize
LeaveCriticalSection
IsBadReadPtr
QueryPerformanceCounter
GlobalMemoryStatus
GetFileAttributesW
DeleteFileW
GlobalFree
GetProcessHeap
FreeLibrary
ResetEvent
MulDiv
GetTickCount
WideCharToMultiByte
GetModuleFileNameA
WaitForMultipleObjects
lstrlenA
InterlockedExchange
GetFullPathNameW
HeapFree
lstrlenW
IsBadCodePtr
GetTimeZoneInformation
GetEnvironmentStringsA
SetThreadPriority
GlobalLock
IsBadWritePtr
GetSystemInfo
GetVersionExW
WaitForSingleObject
MultiByteToWideChar
CreateThread
InterlockedIncrement
GetACP
InterlockedDecrement
EnterCriticalSection
lstrcpyW
CloseHandle
GetPrivateProfileStringW
GetLastError
lstrcpynW
GetCurrentProcess
InitializeCriticalSection
LoadLibraryW
CreateFileW
VirtualFree
SetEvent
CreateSemaphoreW
GlobalHandle
DeleteCriticalSection
ReadFile
CreateEventW
GetCurrentThread
WriteFile
ReleaseSemaphore
lstrcmpiW
HeapAlloc
GetCurrentProcessId
GetThreadPriority
SetEndOfFile
GetQueuedCompletionStatus
SetFilePointer
GlobalAlloc

cewmdm

DllRegisterServer
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow

cfgmgr32

CMP_WaitNoPendingInstallEvents
CMP_WaitServicesAvailable
CM_Add_Empty_Log_Conf
CMP_Report_LogOn
CMP_Init_Detection

nddeapi

NDdeGetTrustedShareA
NDdeGetShareSecurityW
NDdeGetErrorStringA
NDdeGetTrustedShareW
NDdeIsValidAppTopicListA
NDdeGetShareSecurityA
NDdeIsValidAppTopicListW

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d76a5dde23ed604e80c8985677fb6986

Headers

File Characteristics

Imports

user32

kernel32

cewmdm

cfgmgr32

nddeapi

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 58KB - Virtual size: 2.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 58KB - Virtual size: 2.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB