25c9c9bf5a0f5d2ec07372bdfec3535f1d89445ec591f7be132cb3baae7982c9

Sharing

Copy URL Twitter E-mail

General

Target

25c9c9bf5a0f5d2ec07372bdfec3535f1d89445ec591f7be132cb3baae7982c9
Size

30KB
MD5

20d014a84208ebe0148147aee8fe8c10
SHA1

fab321438dd5bb855513a6ece70e4ea90a48679f
SHA256

25c9c9bf5a0f5d2ec07372bdfec3535f1d89445ec591f7be132cb3baae7982c9
SHA512

ea0fc58b715869837d5ad6e68abd6d739c7e96562fbbedddbae75a30e03401dcd1590743c43ac136ebb779c82963daec9cae1f7639bbd509b64bbd94fbce3919
SSDEEP

768:O54IU7rkjMm5Fmc29639pEiwVLaFFiisMTu:OW7rqFm59op7iCu

Score

N/A

Malware Config

Signatures

Files

25c9c9bf5a0f5d2ec07372bdfec3535f1d89445ec591f7be132cb3baae7982c9
.exe windows x86

a20e0db1cd8928a9d6326cb03867d0bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

DllUnregisterServer
SHStartNetConnectionDialogW
SHGetSetSettings
DllGetVersion
DAD_DragEnterEx
GetFileNameFromBrowse
IsNetDrive
SHDefExtractIconW
DllCanUnloadNow
DragAcceptFiles
SHChangeNotifyRegister
DriveType
SHILCreateFromPath
Shell_MergeMenus
DAD_DragLeave
SHChangeNotifyDeregister
Shell_GetCachedImageIndex
Shell_GetImageLists
PifMgr_OpenProperties
IsLFNDrive
RestartDialog
PickIconDlg
DAD_DragMove
DragFinish
SHCoCreateInstance
PathResolve
DllInstall
DllRegisterServer

rpcrt4

CStdStubBuffer_CountRefs
MesBufferHandleReset
CreateStubFromTypeInfo
MesInqProcEncodingId
MesHandleFree
MesIncrementalHandleReset
NdrByteCountPointerFree
DllGetClassObject
DllRegisterServer
MesEncodeFixedBufferHandleCreate
MesDecodeIncrementalHandleCreate
NDRSContextMarshall
NdrAsyncClientCall
NdrAsyncServerCall
NdrAllocate
NDRSContextMarshallEx
NdrConformantStructBufferSize
DceErrorInqTextW
NdrClientInitialize
NdrByteCountPointerUnmarshall
NdrByteCountPointerBufferSize
NDRCContextBinding
NDRCContextMarshall
NDRcopy

advapi32

RegCreateKeyExW
OpenProcessToken
RegCloseKey
AllocateAndInitializeSid
RegEnumKeyExA
RegDeleteKeyA
CloseServiceHandle
RegQueryValueExW
GetTokenInformation
RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyW
FreeSid
RegQueryInfoKeyW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
OpenThreadToken
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExW
InitializeSecurityDescriptor
RegEnumValueW
RegCreateKeyExA

user32

LoadStringA
SetWindowLongW
EndPaint
GetDC
DispatchMessageA
DestroyWindow
IsWindow
GetClientRect
MessageBoxA
LoadStringW
GetWindowLongA
ShowWindow
SetWindowPos
SendMessageW
UpdateWindow
SetTimer
GetParent
PostQuitMessage
EnableWindow
GetWindowLongW
CharNextW
SetCursor
MessageBoxW
wsprintfW
GetSystemMetrics
GetWindowRect
GetDlgItem
BeginPaint
CreateWindowExA
DefWindowProcA
TranslateMessage
InvalidateRect
SetWindowLongA

oleaut32

SafeArrayUnaccessData
LoadTypeLibEx
SafeArrayPtrOfIndex
SetErrorInfo
SysReAllocStringLen
SysStringByteLen
VariantChangeType
GetActiveObject
SafeArrayGetLBound
LoadTypeLib
GetErrorInfo
SafeArrayPutElement
VariantChangeTypeEx
VariantInit
SafeArrayCreate
SysAllocStringLen
SafeArrayGetUBound
VariantClear
SysStringLen
OleLoadPicture
SafeArrayAccessData
VariantCopyInd
SysAllocStringByteLen
VariantCopy
SysFreeString
RegisterTypeLib
SafeArrayGetElement

oleacc

ObjectFromLresult

kernel32

GetCurrentProcess
GetTempPathA
CreateDirectoryA
AddAtomW
ExpandEnvironmentStringsA
CreateMutexA
GetWindowsDirectoryW
OpenProcess
SetFileAttributesA
DeviceIoControl
IsBadCodePtr
FileTimeToLocalFileTime
WriteConsoleW
MulDiv
VirtualFree
RaiseException
GetComputerNameW
GetExitCodeProcess
CopyFileW
OutputDebugStringW
lstrcatW
GetCommandLineW
FindResourceA
GetLastError
FindNextFileA
ReleaseSemaphore
IsDBCSLeadByte
LockResource
LoadResource
IsValidCodePage
ExitProcess
VirtualAlloc
SizeofResource
RemoveDirectoryW
CreateProcessW
LoadLibraryExA
CloseHandle
CreateMutexW
GetCurrentDirectoryW
ResumeThread
SetThreadPriority
CreateFileMappingA
CreateFileMappingW

Sections

.textbss
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a20e0db1cd8928a9d6326cb03867d0bb

Headers

File Characteristics

Imports

shell32

rpcrt4

advapi32

user32

oleaut32

oleacc

kernel32

Sections

.textbss Size: - Virtual size: 48KB

.data Size: 2KB - Virtual size: 2KB

.debug Size: 2KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 2KB

.text Size: 512B - Virtual size: 444B

.idata Size: 18KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 3KB

.textbss
Size: - Virtual size: 48KB

.data
Size: 2KB - Virtual size: 2KB

.debug
Size: 2KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 2KB

.text
Size: 512B - Virtual size: 444B

.idata
Size: 18KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 3KB