01f564c16d4da9cdccfdcbdbb2e427d5d2eb398dc19b01d195fa7290e2f68c8e

Sharing

Copy URL Twitter E-mail

General

Target

01f564c16d4da9cdccfdcbdbb2e427d5d2eb398dc19b01d195fa7290e2f68c8e
Size

193KB
MD5

4ca0fde6160467bc71222921b9470105
SHA1

1874d0a1760a69333ab47728dea4cab06008e49b
SHA256

01f564c16d4da9cdccfdcbdbb2e427d5d2eb398dc19b01d195fa7290e2f68c8e
SHA512

c7188262b07a75ea0c13e795537539491537ea3299c147d26c02694835ff116bb32e88a693db10223771405ca755720eae222660679051a8caba7df7002b9f96
SSDEEP

3072:BYqfHbhq0/DeP+DZpFB+2xmh0QSoKKBlKxyAZEHzJiQtq:BP7h5KP+ts2xmhfGKraEHLtq

Score

N/A

Malware Config

Signatures

Files

01f564c16d4da9cdccfdcbdbb2e427d5d2eb398dc19b01d195fa7290e2f68c8e
.exe windows x86

6445f6d3fcb90f4f27d8d6bf6dd768f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegGetValueW
TraceMessage
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
TraceEvent
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegQueryValueExW

kernel32

OpenEventW
SetThreadExecutionState
CreateFileW
lstrcmpiW
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
GetWindowsDirectoryW
CreateEventW
CloseHandle
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
Sleep
CreateMutexW
RegisterApplicationRestart
ReleaseMutex
GetLastError
LocalFree
HeapSetInformation
lstrlenW
UnhandledExceptionFilter

gdi32

DeleteObject

user32

AllowSetForegroundWindow
SetForegroundWindow
LoadStringW
SetTimer
GetDoubleClickTime
FindWindowW
KillTimer
UnregisterClassW
CreateWindowExW
LoadIconW
GetCursorPos
PostMessageW
GetSystemMetrics
GetClientRect
EndDialog
DestroyIcon
GetFocus
GetForegroundWindow
SendDlgItemMessageW
IsDlgButtonChecked
GetDlgItem
LoadImageW
EnableWindow
GetSysColor
SendMessageW
GetWindowLongA
SetWindowLongA
EnableScrollBar
DestroyMenu
TrackPopupMenuEx
PostQuitMessage
GetMessageW
TranslateMessage
DispatchMessageW
CheckDlgButton
EndMenu
SystemParametersInfoW
SendMessageTimeoutW
DialogBoxParamW
DefWindowProcW
RegisterClassExW
AppendMenuW
SetMenuDefaultItem
RegisterWindowMessageW
DestroyWindow
CreatePopupMenu

msvcrt

_amsg_exit
??_V@YAXPAX@Z
??_U@YAPAXI@Z
memcpy
_controlfp
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
??2@YAPAXI@Z
??3@YAXPAX@Z
_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_cexit
__getmainargs
_ftol2
_vsnwprintf
wcsncmp
memset

winmm

PlaySoundW
waveOutGetNumDevs

shell32

CommandLineToArgvW
ord100
SHGetSpecialFolderPathW
SHGetFileInfoW
SHGetFolderPathW
Shell_NotifyIconW

gdiplus

GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCreateSolidFill
GdipGetImageGraphicsContext
GdipFillRectangleI
GdipDrawImageRectI
GdipCloneBrush
GdipCloneImage
GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipDeleteGraphics
GdipDeleteBrush
GdipFree
GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageThumbnail
GdipGetImageWidth

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

comctl32

ImageList_Destroy
ImageList_Remove
ord345
ImageList_ReplaceIcon
ImageList_Create
ord344

comdlg32

GetOpenFileNameW

shlwapi

ord271
ord618
PathCombineW
PathMakePrettyW
PathFindExtensionW
PathFindFileNameW
PathAppendW
StrChrW
PathRemoveExtensionW
ord158

powrprof

PowerDeterminePlatformRole
GetPwrCapabilities

slc

SLGetWindowsInformationDWORD

oleaut32

SysAllocString
SysFreeString
VariantInit

secur32

GetUserNameExW

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

csxdybn
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6445f6d3fcb90f4f27d8d6bf6dd768f7

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

winmm

shell32

gdiplus

ole32

comctl32

comdlg32

shlwapi

powrprof

slc

oleaut32

secur32

Sections

.text Size: 55KB - Virtual size: 55KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 106KB - Virtual size: 106KB

.reloc Size: 30KB - Virtual size: 31KB

csxdybn Size: - Virtual size: 4KB

.text
Size: 55KB - Virtual size: 55KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 106KB - Virtual size: 106KB

.reloc
Size: 30KB - Virtual size: 31KB

csxdybn
Size: - Virtual size: 4KB