d2832927a633d6c55c5e660a2dffc2faab96e8d8e8498640a26532b62765c1ac

Sharing

Copy URL

Twitter E-mail

General

Target

d2832927a633d6c55c5e660a2dffc2faab96e8d8e8498640a26532b62765c1ac
Size

55KB
MD5

79cd5dbc25aa0ef222ffbca7fe895dd0
SHA1

4151578eaaf9faca2acc6cc6190c5479e4679f5f
SHA256

d2832927a633d6c55c5e660a2dffc2faab96e8d8e8498640a26532b62765c1ac
SHA512

e855055706cab44936bc67b293c38078c1c896e585a33cc34caac6ba49595d5b9ff0659a4243e7bae01d16826a2e586ed329082d1d3aad8c734be407dc0b29c6
SSDEEP

1536:FknkSfCUtOTgBUtLk10CqvsaxmtMtNHe:FknkSfZWCoC0Cqvf39e

Score

N/A

Malware Config

Signatures

Files

d2832927a633d6c55c5e660a2dffc2faab96e8d8e8498640a26532b62765c1ac
.exe windows x86

52808dc9d3413e8b2b20f741b1c4a829

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
MulDiv
FileTimeToDosDateTime
GetProcAddress
lstrcmpW

imm32

ImmGetHotKey
ImmGetCompositionStringW
ImmGetCompositionFontW
ImmNotifyIME
ImmRequestMessageA
ImmGetCandidateListA
ImmConfigureIMEW
ImmGetIMEFileNameA
ImmConfigureIMEA
ImmGetGuideLineW
ImmDisableIME
ImmGetStatusWindowPos
ImmSetHotKey
ImmDestroySoftKeyboard
ImmGetDescriptionA
ImmShowSoftKeyboard
ImmAssociateContextEx
ImmGetImeMenuItemsA
ImmGetIMEFileNameW
ImmGetRegisterWordStyleA
ImmGetVirtualKey
ImmUnregisterWordA
ImmGetCandidateWindow
ImmGetIMCCSize
ImmGetConversionStatus
ImmSetCompositionFontA
ImmIsUIMessageW
ImmGetCompositionStringA
ImmReleaseContext
ImmLockIMC
ImmLockIMCC
ImmGenerateMessage
ImmEnumRegisterWordW
ImmSetCompositionStringA
ImmGetIMCCLockCount
ImmIsIME
ImmEscapeA
ImmSetCompositionFontW
ImmInstallIMEW
ImmUnlockIMCC
ImmGetOpenStatus

shlwapi

PathIsPrefixA
SHRegWriteUSValueW
StrIsIntlEqualA
StrToIntA
UrlCreateFromPathA
StrSpnA
SHRegQueryInfoUSKeyW
PathIsUNCServerShareW
PathIsRelativeW
StrCSpnA
StrChrA
PathRemoveArgsA
SHRegisterValidateTemplate
SHRegDeleteUSValueW
PathFindSuffixArrayW
PathIsURLW
SHRegSetPathA
StrStrIA
SHRegCreateUSKeyW
UrlIsA
PathMakePrettyA
PathFileExistsW
StrTrimA
StrRStrIA
PathUndecorateA
SHRegGetBoolUSValueW
SHRegSetUSValueW
PathMakeSystemFolderA
SHRegOpenUSKeyA
AssocQueryStringByKeyA
UrlUnescapeW
StrRetToStrA
SHGetInverseCMAP
PathIsRelativeA
SHGetThreadRef
UrlCanonicalizeA
PathSetDlgItemPathW
SHRegDeleteEmptyUSKeyA
StrToIntExW
PathSetDlgItemPathA
PathFindExtensionW
PathIsFileSpecW
UrlUnescapeA
PathGetArgsW
StrDupW
IntlStrEqWorkerW
SHQueryValueExA
PathCommonPrefixW
PathIsLFNFileSpecA

wtsapi32

WTSOpenServerA
WTSVirtualChannelQuery
WTSSendMessageW
WTSVirtualChannelPurgeOutput
WTSQuerySessionInformationW
WTSVirtualChannelClose
WTSDisconnectSession
WTSSendMessageA
WTSFreeMemory
WTSSetUserConfigW
WTSEnumerateSessionsW
WTSTerminateProcess
WTSLogoffSession
WTSSetSessionInformationA
WTSEnumerateProcessesW
WTSEnumerateProcessesA
WTSQueryUserConfigA
WTSWaitSystemEvent

comdlg32

ChooseColorA

user32

ExcludeUpdateRgn
DialogBoxParamW
EnumDisplayDevicesW
SetRectEmpty
EndDialog
IsDialogMessageW
TrackPopupMenu
DdeDisconnect
SetWindowsHookExA
BeginPaint
AnimateWindow
CallWindowProcW
CharLowerBuffA
DdeCreateDataHandle
GetKeyboardState
wvsprintfA
SendNotifyMessageW
SendMessageA
OemKeyScan
IsCharAlphaNumericW
AttachThreadInput
MessageBoxW
IsZoomed
SetMessageQueue

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52808dc9d3413e8b2b20f741b1c4a829

Headers

File Characteristics

Imports

kernel32

imm32

shlwapi

wtsapi32

comdlg32

user32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 11KB - Virtual size: 12KB

.xdata Size: 7KB - Virtual size: 6KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 11KB - Virtual size: 12KB

.xdata
Size: 7KB - Virtual size: 6KB