8010f3d26cf405dcce61dd62d2d2351b1358d77d6391099112288bb590153f3b

Sharing

Copy URL Twitter E-mail

General

Target

8010f3d26cf405dcce61dd62d2d2351b1358d77d6391099112288bb590153f3b
Size

196KB
MD5

8150679d8d11d324a374a5b21d4fbf00
SHA1

ad141f2d884eea05476d2a681c35638187a23083
SHA256

8010f3d26cf405dcce61dd62d2d2351b1358d77d6391099112288bb590153f3b
SHA512

2b6b9defc6198ccdcea5b1215c833d8543c21006a2d913628b8aa4fcb2e77962d6d9a52cdfd5243235de0c200c030baab36621ac341075b88a21731050cc348d
SSDEEP

3072:aI9Jt6sx/Z28R6vs+xuxep3AAWhxB4ja0LN6msHOjKDluyPUO:Tbx/Z/MPTp33W+jrwHL7PU

Score

N/A

Malware Config

Signatures

Files

8010f3d26cf405dcce61dd62d2d2351b1358d77d6391099112288bb590153f3b
.exe windows x86

4712651bcff9b3baac313361ce7e6f71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA

kernel32

GetCurrentThreadId
HeapReAlloc
WriteFile
CreateFileW
lstrlenA
SetEvent
LocalFree
GetOverlappedResult
ReadFile
LocalAlloc
GetFileSizeEx
MulDiv
FormatMessageW
HeapAlloc
WaitForSingleObject
GetModuleFileNameW
ResetEvent
InterlockedDecrement
InterlockedIncrement
WaitForMultipleObjects
GetProcAddress
ExpandEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
CreateEventW
CloseHandle
GetLastError
CreateThread
GetProcessHeap
HeapFree
lstrlenW
LoadLibraryA

gdi32

DeleteObject
GetObjectW
CreateFontIndirectW
GetDeviceCaps

user32

GetDlgItem
MessageBoxW
GetWindowTextLengthW
EnableWindow
GetWindowLongW
SetWindowLongW
ReleaseDC
SendDlgItemMessageW
GetParent
ShowWindow
SetWindowTextW
SetDlgItemTextW
PostMessageW
KillTimer
LoadStringW
PostThreadMessageW
SetTimer
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
SetFocus
SendMessageW
LoadImageW
GetDC
GetDlgItemTextW

msvcrt

memset
_vsnwprintf
memmove
wcstoul
__set_app_type
_cexit
_exit
_XcptFilter
_ismbblead
_except_handler4_common
_controlfp
__getmainargs
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
?terminate@@YAXXZ

comctl32

PropertySheetW
InitCommonControlsEx

shell32

SHSetLocalizedName
ord258
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
ord155
SHGetSpecialFolderPathW
SHBindToParent
SHGetFolderPathW

comdlg32

GetOpenFileNameW

shlwapi

PathRemoveFileSpecW
StrStrIA
PathFindFileNameW
PathCombineW
StrFormatByteSizeW
PathAddExtensionW
StrRetToBufW
PathAppendW

ws2_32

getpeername
WSAStartup
WSACleanup
ioctlsocket
setsockopt
closesocket
WSAGetLastError
connect
socket
WSASetServiceW
listen
getsockname
bind
WSAGetOverlappedResult
WSASend
WSARecv

mswsock

AcceptEx

ole32

CoInitialize
CoMarshalInterThreadInterfaceInStream
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoUninitialize
CoRegisterClassObject
CoRevokeClassObject

irprops.cpl

BluetoothSelectDevices
BluetoothAuthenticateDevice
BluetoothEnableDiscovery
BluetoothSelectDevicesFree
BluetoothFindFirstRadio
BluetoothFindRadioClose
BluetoothGetDeviceInfo

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4712651bcff9b3baac313361ce7e6f71

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

comctl32

shell32

comdlg32

shlwapi

ws2_32

mswsock

ole32

irprops.cpl

Sections

.text Size: 30KB - Virtual size: 30KB

.data Size: 512B - Virtual size: 1020B

.rsrc Size: 143KB - Virtual size: 143KB

.reloc Size: 21KB - Virtual size: 26KB

.text
Size: 30KB - Virtual size: 30KB

.data
Size: 512B - Virtual size: 1020B

.rsrc
Size: 143KB - Virtual size: 143KB

.reloc
Size: 21KB - Virtual size: 26KB