5274bbb3bc7d7a6c2b79f0d9e71db4f500caef080fd7a1dffcdeb2e81d8588fa

Sharing

Copy URL

Twitter E-mail

General

Target

5274bbb3bc7d7a6c2b79f0d9e71db4f500caef080fd7a1dffcdeb2e81d8588fa
Size

150KB
MD5

723187d38995646085285544130142d0
SHA1

3d5e478e2420e682198cc4f460f437170a6321ee
SHA256

5274bbb3bc7d7a6c2b79f0d9e71db4f500caef080fd7a1dffcdeb2e81d8588fa
SHA512

40845fb7b2f8cf5c20695e0b423b4d791a247f8b368065adab201d461cfdb12e80e0697f4aef38a00dfa0fd996aafa1c99647009e1915ec2279abbaf6d5da1bc
SSDEEP

3072:2w7GSzESqFXLo0X2/qe5gJ2Vnc5vww/TSUjinkSQ4GZm:RqSzxqFKy4VwIAobGM

Score

N/A

Malware Config

Signatures

Files

5274bbb3bc7d7a6c2b79f0d9e71db4f500caef080fd7a1dffcdeb2e81d8588fa
.exe windows x86

2dc75c2360f0e53ea9f349de91a9153a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsCharAlphaNumericW
SetWindowContextHelpId
DdeDisconnect
GetPropA
CreateDialogIndirectParamA
EnumDesktopsW
DispatchMessageA
DdeNameService
GetKeyboardType
ClipCursor

urlmon

RevokeFormatEnumerator
HlinkSimpleNavigateToString
URLOpenBlockingStreamA
GetClassURL

ole32

CoRegisterMallocSpy
MonikerCommonPrefixWith
OleUninitialize
CoGetCurrentProcess
CoMarshalInterface
OleCreateDefaultHandler
CoGetObject

advapi32

RegUnLoadKeyA
StartServiceCtrlDispatcherW
PrivilegedServiceAuditAlarmW
IsValidSecurityDescriptor
SetFileSecurityA
LookupAccountSidW
RegSetValueA
GetSecurityDescriptorDacl
GetPrivateObjectSecurity

gdi32

AnimatePalette
Chord
CreateCompatibleBitmap
BitBlt
CreateBrushIndirect
CombineRgn

mpr

WNetCancelConnection2W
WNetDisconnectDialog1A
WNetDisconnectDialog1W
WNetDisconnectDialog
WNetGetUniversalNameA

kernel32

LCMapStringA
GetStringTypeW
MultiByteToWideChar
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
RaiseException
VirtualProtect
GetSystemInfo
VirtualQuery
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
TlsGetValue
GetLocaleInfoA
RtlUnwind
InitializeCriticalSection
ExitProcess
DosDateTimeToFileTime
DeleteFileW
DeleteFileA
CreateFileW
CreateFileA
CreateDirectoryW
CreateDirectoryA
CompareStringA
CloseHandle
LoadModule
EnumDateFormatsA
GetAtomNameA
RemoveDirectoryW
GetPrivateProfileIntA
GetFileSizeEx
MoveFileExA
GetSystemTimeAsFileTime
ExitThread
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
GetVersionExA
GetStartupInfoA
GetProcAddress
GetModuleHandleW
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThreadId
GetModuleHandleA
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
GetTimeZoneInformation
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
Sleep
LoadLibraryExA

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2dc75c2360f0e53ea9f349de91a9153a

Headers

DLL Characteristics

File Characteristics

Imports

user32

urlmon

ole32

advapi32

gdi32

mpr

kernel32

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 18KB - Virtual size: 24KB

.rsrc Size: 34KB - Virtual size: 33KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 18KB - Virtual size: 24KB

.rsrc
Size: 34KB - Virtual size: 33KB