ac5dca6d9e391814581e562c21c87299a95acd3f333c0293bb7066ea85614931

Sharing

Copy URL Twitter E-mail

General

Target

ac5dca6d9e391814581e562c21c87299a95acd3f333c0293bb7066ea85614931
Size

62KB
MD5

5777696a198dcc1cc72e802e00269db0
SHA1

d9dfd5d01a51034ff7d7be82d4c188abd55bbc6e
SHA256

ac5dca6d9e391814581e562c21c87299a95acd3f333c0293bb7066ea85614931
SHA512

3a80323bd3cbd46ccfcf046f204e01011fb99c393ceb02fa9e20f21a9d84c9a3927041bb7610bbadfe3df11eb0b21b2667c278627cd22f6ea98f4fde9fbf0b9f
SSDEEP

768:n5qC1Atl0+KN2ApotqIf6X50aluMyVSTq2BKEsSi9B0iCTbGpC6xtnraeMl:n1WbKN2Arb1hjKPbATbwCsRraeMl

Score

N/A

Malware Config

Signatures

Files

ac5dca6d9e391814581e562c21c87299a95acd3f333c0293bb7066ea85614931
.exe windows x86

4e931b35a143a0d9468a852ddd8ace97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegQueryValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyW
RegDeleteValueW

kernel32

LocalAlloc
ExitProcess
WriteFile
CloseHandle
GetCurrentThreadId
GetCommandLineW
GlobalFree
FreeLibrary
GetProcAddress
GetLastError
GlobalAlloc
lstrcpynW
lstrcpyW
GetPrivateProfileStringW
GetVersionExW
lstrcmpiW
GetModuleHandleW
GetPrivateProfileIntW
lstrcatW
CreateSemaphoreW
FindClose
FindNextFileW
LoadLibraryW
SetFileAttributesW
FindFirstFileW
LocalFree
Sleep
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
lstrlenW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
LoadLibraryA
lstrcmpW
CompareStringW
GetFullPathNameW
DeleteFileW
GetOEMCP

gdi32

CreateFontIndirectW
DeleteObject
GetObjectW
GetStockObject

user32

CallNextHookEx
GetActiveWindow
GetDlgItemTextW
EnableWindow
DialogBoxParamW
SendMessageW
SetDlgItemTextW
EndDialog
SetWindowsHookExW
UnhookWindowsHookEx
ExitWindowsEx
CharUpperW
MessageBoxW
PostMessageW
GetDlgItem
WinHelpW
LoadStringW
wsprintfW
SetFocus
SendDlgItemMessageW

shell32

ShellExecuteW

tapi32

lineTranslateDialogW
lineNegotiateAPIVersion
lineTranslateAddressW
lineInitialize
lineShutdown

rasapi32

RasEnumConnectionsW
RasGetConnectStatusW
RasHangUpW

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e931b35a143a0d9468a852ddd8ace97

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

shell32

tapi32

rasapi32

Sections

.text Size: 27KB - Virtual size: 27KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 24KB - Virtual size: 40KB

.text
Size: 27KB - Virtual size: 27KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 24KB - Virtual size: 40KB