0378793a6a2b5f8de104630d4d2b8a74237107b80f16d6802b3d358ea7465393

Sharing

Copy URL

Twitter E-mail

General

Target

0378793a6a2b5f8de104630d4d2b8a74237107b80f16d6802b3d358ea7465393
Size

839KB
MD5

2f8ee6edc6297aac39a17970395d0e60
SHA1

d0292e7df7b4cbdcae9eecfdf12f914635f87d3f
SHA256

0378793a6a2b5f8de104630d4d2b8a74237107b80f16d6802b3d358ea7465393
SHA512

9e383adbcfe3324e941590650e20a7c8338c2b56277076033ab84d703ce4b829529d56d6e68ac71ec2f089003f7d25f5f189fbcd4441c423a01d852e1dc084b6
SSDEEP

12288:gCCNoC4087gYN3TeplElPZxlSD7SANlslqfjvNbVR8S:gCCqX7dNSUPZ2emZjvvSS

Score

N/A

Malware Config

Signatures

Files

0378793a6a2b5f8de104630d4d2b8a74237107b80f16d6802b3d358ea7465393
.exe windows x86

1055dcd48817744818c8e1ae22b63002

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
CreateFileW
FindClose
FindNextFileW
GetDiskFreeSpaceExW
FindFirstFileW
GetSystemTime
CompareStringW
GetModuleHandleW
DeleteFileW
CloseHandle
CreateFileA
HeapAlloc
HeapFree
GetProcessHeap
LocalAlloc
LocalFree
SetLastError
MapViewOfFile
UnmapViewOfFile
GetLastError
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
GetCurrentProcess
GetModuleFileNameW
GetTempPathW
GetProcAddress
GetCurrentProcessId
InterlockedIncrement
InterlockedCompareExchange
SetFilePointer
CreateProcessW
WriteFile
GlobalAlloc
FormatMessageW
ExitThread
GlobalFree
CreateEventW
WaitForMultipleObjects
GetCurrentThreadId
DuplicateHandle
CreateThread
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FreeLibrary
LoadLibraryW
MoveFileExW
CreateDirectoryW
WaitForSingleObject
CopyFileW
FileTimeToSystemTime
SetFileAttributesW
GetSystemDirectoryW
RemoveDirectoryW
GetFileSize
Sleep
ReadFile
FlushFileBuffers
CreateMutexW
OpenMutexW
ReleaseMutex
OutputDebugStringW
LCMapStringW
HeapReAlloc
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetFullPathNameW
GetCurrentDirectoryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
GetTimeFormatA
GetDateFormatA
GetModuleHandleA
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
GetFileAttributesW

user32

CreateDialogParamW
SetWindowLongW
BeginPaint
DialogBoxParamW
DestroyWindow
EndPaint
ShowWindow
GetWindowLongW
CheckDlgButton
GetSystemMenu
GetSystemMetrics
GetWindowRect
PostMessageW
GetFocus
GetClientRect
LoadIconW
EnableMenuItem
GetDlgItem
EndDialog
LoadBitmapW
MessageBoxW
GetDlgItemTextW
SetDlgItemTextW
EnableWindow
SetWindowTextW
MoveWindow
SendMessageW
IsIconic
SetForegroundWindow
FindWindowW
ScreenToClient

gdi32

DeleteObject
CreateFontIndirectW
StretchBlt
GetObjectW
CreateCompatibleDC
SelectObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

SHFileOperationW
SHGetSpecialFolderPathW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

imm32

ImmDisableIME

advapi32

RegQueryValueExW
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegCreateKeyExW
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegCloseKey
RegOpenKeyExW

comctl32

InitCommonControlsEx

Sections

.text
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 681KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1055dcd48817744818c8e1ae22b63002

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

version

imm32

advapi32

comctl32

Sections

.text Size: 376KB - Virtual size: 375KB

.rdata Size: 208KB - Virtual size: 208KB

.data Size: 32KB - Virtual size: 681KB

.rsrc Size: 216KB - Virtual size: 216KB

.text
Size: 376KB - Virtual size: 375KB

.rdata
Size: 208KB - Virtual size: 208KB

.data
Size: 32KB - Virtual size: 681KB

.rsrc
Size: 216KB - Virtual size: 216KB