a5b0f403a4bcfcbfab8f758b0cc553f0846909f34c1074092a5eae4997f3ded3

Sharing

Copy URL

Twitter E-mail

General

Target

a5b0f403a4bcfcbfab8f758b0cc553f0846909f34c1074092a5eae4997f3ded3
Size

105KB
MD5

a116a736696925ea46718bc7cafcf1c0
SHA1

0ea49bdb064c6362339c8bcdd0fc649410faed6d
SHA256

a5b0f403a4bcfcbfab8f758b0cc553f0846909f34c1074092a5eae4997f3ded3
SHA512

e63486498d780187d83c1e031ff9e4ee661e7aebea572eb9e3da100c267101cd30196b07a6391f5e2d1278372d9eff91f02c577e7cc55181950c967e6ce84934
SSDEEP

1536:gBB5i2z4rUi+8XuzEO7UMwoPN4iBVLiBHJVyDeMtF6Br7mLCO9VE7YJBAJufc6l:gNi28Q9IlOvBVeBHvyDpFK4CuC42E

Score

N/A

Malware Config

Signatures

Files

a5b0f403a4bcfcbfab8f758b0cc553f0846909f34c1074092a5eae4997f3ded3
.exe windows x86

28afc4e4db07bf8f6766f6cf33db05d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyWindow
GetClassNameW
ShowWindow
IsDialogMessageW
SetWindowTextA
InvalidateRect
EnumChildWindows
GetUpdateRgn
GetDlgItem
EndPaint
RegisterWindowMessageW
PtInRect
KillTimer
SetCapture
ReleaseCapture
GetDC
GetKeyState
EnableWindow
GetMenu
SetWindowTextW
OffsetRect
SetScrollInfo
UnionRect
DispatchMessageW
GetParent
DialogBoxParamW
LoadImageW
UpdateWindow
MoveWindow
ScrollWindowEx
CheckMenuItem
DestroyAcceleratorTable
GetDesktopWindow
DrawIconEx
SetClipboardData
TranslateMessage
PostMessageW
EndDialog
GetSysColor
SetMenuItemInfoW
DrawFocusRect
IntersectRect
LoadCursorW
DeferWindowPos
GetDlgItemTextW
SetTimer
DefWindowProcW
BeginPaint
SetFocus
PostQuitMessage
BeginDeferWindowPos
GetClassLongW
InflateRect
GetSubMenu
OpenClipboard
GetMessageW
SetPropW
DrawMenuBar
CallWindowProcW
IsDlgButtonChecked
CheckMenuRadioItem
ChildWindowFromPoint
SendMessageW
TranslateAcceleratorW
SetWindowPos
GetSysColorBrush
LoadIconW
SetForegroundWindow
MonitorFromPoint
GetFocus
FlashWindow
SetMessageExtraInfo
SetSysColors
IsWindowVisible
VkKeyScanExW
SetScrollPos
SetScrollRange
GetKeyboardState
MonitorFromWindow
ScrollDC
MapVirtualKeyExW
MapVirtualKeyW
OemKeyScan
TrackPopupMenu
SetWindowsHookW
GetForegroundWindow
SetDlgItemTextW
DefFrameProcA
CloseWindow

comdlg32

FindTextW
GetSaveFileNameW
GetOpenFileNameW
ChooseFontW

shell32

SHGetPathFromIDListW
CommandLineToArgvW
SHGetMalloc
ShellExecuteW
SHGetFileInfoW

ole32

CoCreateInstance

advapi32

RegOpenKeyW
RegCreateKeyExW
LookupPrivilegeValueW
RegQueryValueExA
RegCloseKey
CloseServiceHandle
AllocateAndInitializeSid
FreeSid
OpenSCManagerW
RegQueryValueExW
RegOpenKeyExA
RegCreateKeyW
GetTokenInformation

gdi32

SetMapMode
CreateCompatibleBitmap
CreateCompatibleDC
GetBkColor
SetBkColor
EndDoc
CreateSolidBrush
RectInRegion
MoveToEx
StartPage
CreateRectRgnIndirect
SetTextColor
CombineRgn
DeleteDC
Polyline
CreateFontIndirectW
GetDeviceCaps
SelectObject
StartDocW

comctl32

ImageList_ReplaceIcon
ImageList_SetBkColor
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_DrawEx

version

VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetSystemTimeAsFileTime
VirtualQueryEx
FindClose
GetFileAttributesW
CreateFileA
HeapAlloc
FileTimeToSystemTime
GetACP
GetNativeSystemInfo
GetTimeZoneInformation
Sleep
GlobalUnlock
GetModuleHandleW
SetCurrentDirectoryW
LoadLibraryW
GetFileType
WriteFile
SetHandleCount
lstrlenA
LocalFree
GetCurrentProcessId
FindResourceW
VirtualAllocEx
UnhandledExceptionFilter
GlobalFree
FreeEnvironmentStringsA
VirtualFree
CloseHandle
HeapSize
WriteConsoleA
ExpandEnvironmentStringsW
SetEndOfFile
GetModuleFileNameW
CreateProcessW
SetEnvironmentVariableW
ExpandEnvironmentStringsA
GetStdHandle
QueryPerformanceFrequency
IsDebuggerPresent
SetProcessWorkingSetSize
WaitForSingleObject
ExitThread
GetFileSize
GetTempPathA
ReadFile
FileTimeToLocalFileTime
CreateNamedPipeW
SuspendThread
MultiByteToWideChar
SetEnvironmentVariableA
HeapCreate
IsBadReadPtr
Module32NextW
RaiseException
FreeEnvironmentStringsW
HeapFree
QueryPerformanceCounter
GetTickCount
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
IsValidCodePage
HeapReAlloc
RtlUnwind
GetEnvironmentVariableW
SetStdHandle
LoadLibraryA
TlsFree
GetProcessHeap
SetEvent
TlsGetValue
GetCommandLineA
GetStartupInfoA
GetProcAddress
ExitProcess
WideCharToMultiByte
GetEnvironmentStringsW
TlsSetValue
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
GetTimeFormatW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
LoadResource
FlushFileBuffers
SetProcessShutdownParameters
GetProcessId
GetProcessIoCounters
ClearCommBreak
EncodeSystemPointer
GetThreadTimes
DecodeSystemPointer
GlobalUnfix
VirtualAlloc
ReadProcessMemory
GetCurrentProcess
WriteProcessMemory
OpenProcess
CompareStringA
SetLastError
SetUnhandledExceptionFilter
QueryDosDeviceW
DebugBreak
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetLastError
GetModuleFileNameA
GetLocaleInfoA
GetOEMCP
LockResource
GetThreadContext
GetCurrentDirectoryW
WriteConsoleW
GlobalLock
Module32FirstW
GetNumberFormatW
GetSystemInfo
LocalAlloc
DeleteCriticalSection
GetConsoleCP
GetEnvironmentStrings
FindFirstFileW
DeleteFileW
TlsAlloc
TerminateProcess

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28afc4e4db07bf8f6766f6cf33db05d6

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

shell32

ole32

advapi32

gdi32

comctl32

version

kernel32

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 6KB - Virtual size: 24KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 6KB - Virtual size: 24KB

.rsrc
Size: 28KB - Virtual size: 27KB