8d0ba9dbe7348bb2bb1ef9f235266c40ec5d059dab4f51413a3f612b8673c4c0

General

Target

8d0ba9dbe7348bb2bb1ef9f235266c40ec5d059dab4f51413a3f612b8673c4c0
Size

224KB
MD5

a233ff9143115d710902b226fedc815b
SHA1

accdb4aad99afa7759837b11b2d5898c44e71d1f
SHA256

8d0ba9dbe7348bb2bb1ef9f235266c40ec5d059dab4f51413a3f612b8673c4c0
SHA512

d3998f68c216bffd5dffd9295b56d71d0d2da9ad69794d86b26d1d8ef67b182d6f6551d7a70217722dd655d4dc438a4fb04379ae2a3b4f3aaf8255a46fcfdbb9
SSDEEP

3072:hGsxsMQBeuOU3qQvHgwMURUB14qGQ+tYH6keb6Bxdeq3CL5WPxzZk:zQY7UVvHnMUKBCVQ+tG6kebsDCLM5

Score

N/A

Malware Config

Signatures

Files

8d0ba9dbe7348bb2bb1ef9f235266c40ec5d059dab4f51413a3f612b8673c4c0
.exe windows x86

8da814f536f3c5ab807d92d4de58fde7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSVirtualChannelClose
WTSVirtualChannelRead
WTSSetSessionInformationW
WTSQueryUserToken
WTSVirtualChannelPurgeInput
WTSVirtualChannelOpen
WTSEnumerateProcessesA
WTSQuerySessionInformationA
WTSWaitSystemEvent
WTSEnumerateServersA
WTSRegisterSessionNotification
WTSSendMessageA
WTSUnRegisterSessionNotification
WTSVirtualChannelWrite
WTSFreeMemory

kernel32

GetConsoleTitleW
GetDateFormatW
GetModuleHandleA
lstrcpynA
CreateFileW
VirtualProtect
GetLogicalDriveStringsW
CloseHandle
Sleep
GetConsoleAliasW
LoadLibraryW
ReadConsoleA
GetDriveTypeA

msimg32

vSetDdrawflag
DllInitialize
GradientFill

clbcatq

DowngradeAPL
SetSetupOpen
CoRegCleanup
ComPlusMigrate

uxtheme

CloseThemeData
IsThemeActive
GetThemeColor
GetThemeTextMetrics
GetThemeBool
GetThemeRect
GetThemeTextExtent
SetWindowTheme
GetThemeSysSize
DrawThemeBackground

rsaenh

CPDeriveKey
CPDecrypt
CPEncrypt
CPCreateHash
CPGenKey

dhcpcsvc

DhcpFreeMem
McastApiCleanup
McastGenUID

user32

GetDlgItemTextW
PostMessageW
LoadIconA
DialogBoxParamA
ShowWindow
GetClassLongA
GetPropW
DrawStateA
LoadBitmapA
IsZoomed
PeekMessageW
FlashWindow
InsertMenuA
IsDialogMessageW

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8da814f536f3c5ab807d92d4de58fde7

Headers

DLL Characteristics

File Characteristics

Imports

wtsapi32

kernel32

msimg32

clbcatq

uxtheme

rsaenh

dhcpcsvc

user32

Sections

.text Size: 24KB - Virtual size: 20KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 176KB - Virtual size: 172KB

.text
Size: 24KB - Virtual size: 20KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 176KB - Virtual size: 172KB