52e831d436fb440d37fc03081a076f8305e9c21b5467f4a72079d491c9ddf280

Sharing

Copy URL Twitter E-mail

General

Target

52e831d436fb440d37fc03081a076f8305e9c21b5467f4a72079d491c9ddf280
Size

1.4MB
MD5

81dc212b6bfe2dee760986a886ab7480
SHA1

ac67219d300d1cc5687e265b4acfd567ea7c7464
SHA256

52e831d436fb440d37fc03081a076f8305e9c21b5467f4a72079d491c9ddf280
SHA512

6488cb3545dcf2cbde1723ec470aefd7ae5a937e702b13ea656c414c3ba0d80727798486efb859013b7acc2bcf6b3834042983720f3e83514617fe471a5dcc33
SSDEEP

24576:+PNCkCuZ2vfr9WN5BTZ9dv4LcwtcPrroGepYZ629gIy2KnMewYn4oHevsTnC6:+FCwZ2HwLbDv3Pvt4YZHgEKiY4oGsTnJ

Score

N/A

Malware Config

Signatures

Files

52e831d436fb440d37fc03081a076f8305e9c21b5467f4a72079d491c9ddf280
.exe windows x86

afb24fc837957902b094abe91a02e798

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

uxtheme

GetThemeBool
DrawThemeEdge
DrawThemeBackground
SetWindowTheme
GetThemeInt
IsThemeActive
CloseThemeData
GetWindowTheme
GetThemeFilename
OpenThemeData
GetThemeSysSize
GetThemeRect
GetThemeTextMetrics

onex

OneXDeInitialize
OneXCopyAuthParams

modemui

drvCommConfigDialogA
drvGetDefaultCommConfigA
drvSetDefaultCommConfigA
InvokeControlPanel

certcli

CAEnumFirstCA
CACloseCertType
CAEnumNextCA
CADeleteCA
CACloseCA

kernel32

GetCommandLineA
SleepEx
GetGeoInfoW
CloseHandle
QueryDosDeviceA
GetDriveTypeA
UpdateResourceW
GetConsoleTitleW
GetModuleHandleA
WriteConsoleW
VirtualProtect
CreateDirectoryA
LoadLibraryW

wtsapi32

WTSVirtualChannelRead
WTSSetSessionInformationW
WTSQuerySessionInformationA
WTSWaitSystemEvent
WTSEnumerateProcessesA
WTSSetUserConfigW
WTSEnumerateServersA
WTSUnRegisterSessionNotification
WTSEnumerateSessionsW
WTSFreeMemory
WTSVirtualChannelOpen
WTSLogoffSession

ctl3d32

Ctl3dUnregister
Ctl3dRegister
Ctl3dEnabled

shell32

DragAcceptFiles
SHChangeNotify
SHFree
DragFinish
SHGetDesktopFolder
StrChrA
DragQueryPoint
SHFileOperationA
DragQueryFileA
SHCreateShellItem
SHGetMalloc
DuplicateIcon
SHGetDiskFreeSpaceA
ShellAboutA
FindExecutableA

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afb24fc837957902b094abe91a02e798

Headers

DLL Characteristics

File Characteristics

Imports

uxtheme

onex

modemui

certcli

kernel32

wtsapi32

ctl3d32

shell32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.data Size: 48KB - Virtual size: 44KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 48KB - Virtual size: 44KB

.rsrc
Size: 8KB - Virtual size: 6KB