1a0def26c80634615ea4d9304787c90a1aa7588a17a13eabc578772da744d43a

General

Target

1a0def26c80634615ea4d9304787c90a1aa7588a17a13eabc578772da744d43a
Size

84KB
MD5

91ab3675267721971fdd3cf1bbcc0930
SHA1

4ee2f0fa70df0b65a75671b3837ae617cfc75a97
SHA256

1a0def26c80634615ea4d9304787c90a1aa7588a17a13eabc578772da744d43a
SHA512

db1db8986d2d626f674677ff745b7a16eb228afdcfd1cb83fa7f8d6c47c02b542b7ca9a70748264f7e63c56d0a6ee7f648e1dd3df70c7a6e986046319a7baa24
SSDEEP

384:pJrVzwB5OLgrIOu7dW65L3b8JrzziuGwofRdpSQXtP0PhKbv3K:pJrAUOe5LL8Jrz+uOtPOhKby

Score

N/A

Malware Config

Signatures

Files

1a0def26c80634615ea4d9304787c90a1aa7588a17a13eabc578772da744d43a
.exe windows x86

0629fb9cc90808970771d47dc3bc44eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

upnphost

DllRegisterServer
DllUnregisterServer
ServiceMain
DllGetClassObject

ctl3d32

Ctl3dRegister
Ctl3dCtlColor
Ctl3dEnabled
Ctl3dUnregister

user32

GetWindowLongA
CharToOemA
PostMessageA
CreateWindowExW
GetCaretPos
LoadImageW
IsCharLowerA
GetWindowTextA
GetMessageA
IsDialogMessageA
LoadCursorA
IsZoomed
IsWindow
DispatchMessageA

kernel32

GetDateFormatW
WriteProcessMemory
FindResourceExA
GetTimeFormatA
InterlockedExchange
GetAtomNameA
GetFullPathNameA
LoadLibraryA
GetNumberFormatA
SleepEx
SetErrorMode
GetProcessHeap
SetLastError
CompareStringW
HeapCreate

wtsapi32

WTSRegisterSessionNotification
WTSWaitSystemEvent
WTSEnumerateSessionsA
WTSQueryUserToken
WTSVirtualChannelClose
WTSVirtualChannelQuery
WTSSetSessionInformationA
WTSQuerySessionInformationA
WTSVirtualChannelOpen
WTSEnumerateServersA
WTSFreeMemory
WTSCloseServer
WTSLogoffSession
WTSVirtualChannelWrite
WTSSendMessageA
WTSVirtualChannelRead

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0629fb9cc90808970771d47dc3bc44eb

Headers

File Characteristics

Imports

upnphost

ctl3d32

user32

kernel32

wtsapi32

Sections

.text Size: 60KB - Virtual size: 56KB

.data Size: 8KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 60KB - Virtual size: 56KB

.data
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 11KB