09758ac2a38170fbaac946b9eb7e88be91a97554bc42f7e9ac4c65909ad65f8a

Sharing

Copy URL

Twitter E-mail

General

Target

09758ac2a38170fbaac946b9eb7e88be91a97554bc42f7e9ac4c65909ad65f8a
Size

266KB
MD5

24986d2bdb8bae24d68915f64b0dd422
SHA1

bdfdd6305affe7cfd5b03fc95026d67dda9e3f13
SHA256

09758ac2a38170fbaac946b9eb7e88be91a97554bc42f7e9ac4c65909ad65f8a
SHA512

d3b1801e3e1ea8a162b252a972cb1eea6b66e1c0f0783ad99701aa8100e324c38ca67ac7b5c4cc2a0e3357d869bec5785335c4106c293509ca3e93b856280812
SSDEEP

3072:pMHRPo/VYqVQ3+ZrRkwbRCG33AOnsRFXb7pfP32vO1g6cJ1ZXgKdSB:pMHRPoyqa3+ZV7tVSFL7w6cJ1a

Score

N/A

Malware Config

Signatures

Files

09758ac2a38170fbaac946b9eb7e88be91a97554bc42f7e9ac4c65909ad65f8a
.exe windows x86

15f6222e05be6a4f32883037b5d6c676

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

msvcrt

_mbsrchr
__lconv_init
_mbschr
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
??3@YAXPAX@Z
setlocale
_mbsinc
_controlfp
??2@YAPAXI@Z
wcsrchr
wcschr
wcscat
wcscpy
wcslen
wcsncpy
_ftol
strtoul
memmove
towlower
_wtoi
iswspace
free
_wcsnicmp
_wcsicmp
_except_handler3
wcsncmp

advapi32

RegEnumKeyW
LookupPrivilegeValueW
OpenProcessToken
LookupAccountSidW
RegQueryValueW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyW
RegOpenKeyExW
AdjustTokenPrivileges
RegQueryValueExW
RegCloseKey
AllocateAndInitializeSid
EqualSid
FreeSid
GetTokenInformation

kernel32

UnmapViewOfFile
FindFirstFileA
SetErrorMode
GetFileAttributesA
CreateDirectoryA
GetTempFileNameA
SetCurrentDirectoryW
GetModuleFileNameW
CloseHandle
CreateThread
LocalFree
FormatMessageW
LocalAlloc
GetCurrentProcess
GetProcAddress
GetModuleHandleW
GetLastError
CreateMutexW
GetVersionExW
GetVersion
LoadLibraryW
DeleteCriticalSection
WaitForSingleObject
lstrlenW
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesW
GetTempPathA
GetCurrentDirectoryW
InitializeCriticalSection
lstrcpyW
HeapFree
HeapAlloc
GetProcessHeap
IsDBCSLeadByte
CopyFileW
CreateDirectoryW
GetWindowsDirectoryW
GetEnvironmentVariableW
DeleteFileW
SetFileAttributesW
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
GetDriveTypeW
ExpandEnvironmentStringsW
FreeLibrary
LoadLibraryExW
DeviceIoControl
CreateFileA
TerminateProcess
OpenProcess
FindClose
FindNextFileW
FindFirstFileW
CreateProcessW
lstrcatW
SetEvent
CreateEventW
ResetEvent
WriteFile
SetCommState
GetCommState
SetCommTimeouts
ReadFile
ExitThread
WaitForMultipleObjects
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
SetLastError
GetDiskFreeSpaceW
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
GetVersionExA
CreateEventA
DebugBreak
ExitProcess
SetFilePointer
DeleteFileA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetSystemDirectoryW
CreateFileW

gdi32

GetDeviceCaps
CreateFontIndirectW
AddFontResourceW

user32

ReleaseDC
LoadStringA
GetDC
SystemParametersInfoW
wsprintfW
GetParent
PostMessageW
DialogBoxParamW
ShowWindow
SetWindowPos
ScreenToClient
GetWindowRect
GetWindowLongW
EnumChildWindows
LoadImageW
RedrawWindow
EnableWindow
EndDialog
GetDlgItem
SendMessageA
SetWindowLongW
LoadIconW
SetFocus
SendDlgItemMessageW
GetSysColor
InvalidateRect
SetWindowLongA
GetWindowLongA
IsWindow
CopyRect
GetClientRect
MessageBoxA
SetTimer
FindWindowW
RegisterClassExW
LoadStringW
MessageBoxW
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
CharLowerW
SendMessageW
SetForegroundWindow
EnumThreadWindows
PostQuitMessage
DefWindowProcW
ExitWindowsEx

migism

IsmGetRealPlatform
IsmGetTempFile
TrackedIsmCreateSimpleObjectPattern
IsmEnumFirstSourceObjectEx
IsmGetControlFile
IsmEnumNextObject
IsmAbortObjectEnum
IsmGetActiveScopeName
IsmInitialize
IsmSetPlatform
IsmSetEnvironmentFlag
IsmSetEnvironmentString
IsmStartEtmModules
IsmStartTransport
IsmSetRollbackJournalType
IsmDoesRollbackDataExist
IsmPreserveJournal
IsmCanWriteRollbackJournal
IsmTerminate
IsmSetCancel
IsmSave
IsmRollback
IsmLoad
IsmRemoveAllUserSuppliedComponents
IsmSelectMasterGroup
IsmEnumFirstComponent
TrackedIsmExpandEnvironmentString
IsmIsSystemScopeSelected
IsmReleaseObject
IsmDestroyObjectString
IsmReleaseMemory
IsmDestroyObjectHandle
IsmReplacePhysicalObject
TrackedIsmCreateObjectHandle
TrackedIsmCreateObjectStringsFromHandleEx
IsmAcquireObjectEx
IsmGetObjectTypeId
TrackedIsmGetNativeObjectName
IsmGetObjectTypeName
IsmSetEnvironmentMultiSz
IsmGetEnvironmentMultiSz
TrackedIsmDuplicateString
TrackedIsmGetMemory
IsmGetTempStorage
IsmAddComponentAlias
IsmSelectComponent
IsmIsComponentSelected
IsmRegisterProgressBarCallback
IsmSetEnvironmentValue
IsmAppendEnvironmentMultiSz
IsmAddControlFile
IsmSendMessageToApp
IsmSetTransportStorage
IsmSelectTransport
IsmRegisterTransport
IsmExecute
IsmEnumNextComponent

shell32

SHGetFileInfoW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetMalloc

ole32

OleUninitialize
OleInitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CoUninitialize

comdlg32

GetOpenFileNameW

comctl32

InitCommonControlsEx
CreatePropertySheetPageW
PropertySheetW

setupapi

SetupGetStringFieldW
SetupFindNextLine
SetupCloseInfFile
SetupOpenInfFileW
SetupOpenAppendInfFileW
SetupFindFirstLineW
SetupGetLineCountW

log

LogReInitW
SuppressAllLogPopups
LogEnd
LogA
LogBegin
LogDeleteOnNextInit

shlwapi

StrCmpIW
PathAppendW
PathIsRootW
StrCpyNW
StrCmpNIW
ord16
StrCatW
StrCpyW
PathCombineW
StrDupW
PathIsDirectoryW
SHGetValueW
StrChrIW
StrCmpW

cabinet

ord10
ord14
ord13
ord11

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vlurwlt
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

15f6222e05be6a4f32883037b5d6c676

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

migism

shell32

ole32

comdlg32

comctl32

setupapi

log

shlwapi

cabinet

Sections

.text Size: 87KB - Virtual size: 87KB

.data Size: 2KB - Virtual size: 31KB

.rsrc Size: 176KB - Virtual size: 177KB

vlurwlt Size: - Virtual size: 4KB

.text
Size: 87KB - Virtual size: 87KB

.data
Size: 2KB - Virtual size: 31KB

.rsrc
Size: 176KB - Virtual size: 177KB

vlurwlt
Size: - Virtual size: 4KB