309d7452e7c706a215df62c5fe8699c54b53b5beeeae7619698e034048fa2c0f

Sharing

Copy URL

Twitter E-mail

General

Target

309d7452e7c706a215df62c5fe8699c54b53b5beeeae7619698e034048fa2c0f
Size

192KB
MD5

7b576000877bb8178d62a82a7e227850
SHA1

995e9f3bbf4281ac440f1e774731539d3e64a0f0
SHA256

309d7452e7c706a215df62c5fe8699c54b53b5beeeae7619698e034048fa2c0f
SHA512

ef8e285b10fa1d177f23dd98326d4eb7baac09d85488db8dce21230ce6772d7340637336f8bce621712fcb2fd9cfe85c4bb46fe06c6fa8eda75c004b2b372154
SSDEEP

3072:T24ZF1ek+2lBSQ0BEy1EKB52OlGnkrzDDjS5f:Scd7lGBEy3BxlGnKzDD

Score

N/A

Malware Config

Signatures

Files

309d7452e7c706a215df62c5fe8699c54b53b5beeeae7619698e034048fa2c0f
.exe windows x86

b2b5e6cd2cf7a393c888a8687a002105

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetFileAttributesExW
GetProcAddress
HeapReAlloc
GetLastError
DeleteFileW
CreateFileW
WriteFile
CloseHandle
HeapWalk
GetSystemInfo
VirtualProtect
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
GetLocaleInfoA
WideCharToMultiByte
CreateDirectoryW
GetStringTypeW
GetStringTypeA
SetFilePointer
VirtualQuery
InterlockedExchange
RtlUnwind
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
InitializeCriticalSection
LoadLibraryA
Sleep
RaiseException
LeaveCriticalSection
EnterCriticalSection
VirtualFree
HeapFree
HeapAlloc
GetVersionExA
GetProcessHeap
GetStartupInfoW
ExitProcess
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate

advapi32

RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegEnumValueW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyW

user32

ShowWindow
SetWindowTextW
EnableWindow
GetClientRect
EndDialog
SetFocus
MessageBoxW
SendMessageW
UpdateWindow
CreateWindowExW
LoadCursorW
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
GetDlgCtrlID
DispatchMessageW
LoadIconW
TranslateMessage
RegisterClassExW
PostQuitMessage
DefWindowProcW
DestroyWindow
BeginPaint
EndPaint
DialogBoxParamW
CheckRadioButton
GetDlgItem
IsDlgButtonChecked
GetDlgItemTextW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

SHGetFolderPathW

shlwapi

SHCreateStreamOnFileW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoUninitialize
CoInitialize
StgOpenStorageEx
StgCreateStorageEx
StringFromGUID2
CoCreateGuid

oleaut32

SysAllocStringLen
SysStringByteLen
SysFreeString
SysAllocString
VariantClear

comctl32

InitCommonControlsEx

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tqn
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b2b5e6cd2cf7a393c888a8687a002105

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

comdlg32

shell32

shlwapi

ole32

oleaut32

comctl32

Sections

.text Size: 100KB - Virtual size: 100KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 48KB - Virtual size: 46KB

.tqn Size: 28KB - Virtual size: 28KB

.text
Size: 100KB - Virtual size: 100KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 48KB - Virtual size: 46KB

.tqn
Size: 28KB - Virtual size: 28KB