ef8383f4d07d3b041f17212ae24bcf28ca51ffa6053c9f6aceff9c67611af033

Sharing

Copy URL Twitter E-mail

General

Target

ef8383f4d07d3b041f17212ae24bcf28ca51ffa6053c9f6aceff9c67611af033
Size

231KB
MD5

50a865c7c5bdf8597e0e6b5e2c4b09f0
SHA1

be3070f1d6bec0072bd4bacc4b65ef97af8f59c7
SHA256

ef8383f4d07d3b041f17212ae24bcf28ca51ffa6053c9f6aceff9c67611af033
SHA512

125e71832fe72afeceb8f97d3fc6452ea63eb694182184213300731a019583d52c7aa0a8a80d884620b2e2161b77174811843964a0e29f2a4d205e65b90301b4
SSDEEP

3072:afEaiApqZprR6vs+xuxep3AAWhxB4ja0LN6msYFbFveIkcUKOU5eF:MUZ/MPTp33W+jrwYFbFvv55

Score

N/A

Malware Config

Signatures

Files

ef8383f4d07d3b041f17212ae24bcf28ca51ffa6053c9f6aceff9c67611af033
.exe windows x86

bbc53e333f88b0994c37cccf2bd006a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW

kernel32

InterlockedDecrement
CreateThread
GetCurrentThreadId
CloseHandle
WriteFile
CreateFileW
MulDiv
SetEvent
FormatMessageW
LocalFree
GetFileSizeEx
GetFileAttributesW
CreateDirectoryW
GetTempPathW
FindNextFileW
ResetEvent
WaitForSingleObject
GetProcessHeap
GetLastError
HeapAlloc
HeapFree
lstrlenW
FindFirstFileW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
lstrlenA
GetOverlappedResult
WaitForMultipleObjects
ReadFile
HeapReAlloc
GetModuleFileNameW
DeleteFileW
CreateEventW
FindClose
InterlockedIncrement
RemoveDirectoryW
GetSystemTimeAsFileTime

gdi32

DeleteObject
GetObjectW
GetDeviceCaps
CreateFontIndirectW

user32

GetWindowRect
EnableWindow
GetWindowLongW
GetParent
SendMessageW
SetWindowLongW
PostMessageW
GetDlgItem
SetWindowTextW
SetDlgItemTextW
SendDlgItemMessageW
MapWindowPoints
MessageBoxW
ShowWindow
GetDC
ReleaseDC
KillTimer
LoadStringW
PostThreadMessageW
SetTimer
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
LoadImageW
GetWindowTextLengthW
SetForegroundWindow

msvcrt

__set_app_type
_except_handler4_common
??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_controlfp
__p__fmode
_XcptFilter
memcpy
_exit
_cexit
__getmainargs
malloc
_callnewh
_CxxThrowException
free
??0exception@@QAE@ABV0@@Z
__p__commode
__setusermatherr
_amsg_exit
_acmdln
_ismbblead
exit
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
rand_s
wcschr
wcstoul
_wcsicmp
memset
_vsnwprintf
_initterm
memmove

comctl32

PropertySheetW
InitCommonControlsEx

shell32

SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHCreateItemFromParsingName
ord190
SHCreateShellItemArrayFromIDLists
ord155
SHBrowseForFolderW
SHCreateItemInKnownFolder
SHGetDesktopFolder
SHBindToParent
SHSetLocalizedName
SHGetFolderPathW
ShellExecuteW
ord258

comdlg32

GetOpenFileNameW
CommDlgExtendedError

shlwapi

PathRemoveFileSpecW
StrStrIA
ord174
StrRetToBufW
PathAppendW
PathAddExtensionW
PathIsDirectoryW
PathFindFileNameW
PathFindExtensionW
PathCombineW
StrFormatByteSizeW

ws2_32

getpeername
ioctlsocket
WSARecv
WSASend
WSAGetOverlappedResult
bind
getsockname
listen
WSASetServiceW
socket
setsockopt
WSAGetLastError
connect
closesocket
WSACleanup
WSAStartup

mswsock

AcceptEx

ole32

PropVariantClear
CoTaskMemFree
CoMarshalInterThreadInterfaceInStream
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoUninitialize
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject

bthprops.cpl

BluetoothAuthenticateDeviceEx
BluetoothEnableDiscovery
BluetoothFindFirstRadio
BluetoothFindRadioClose
BluetoothGetDeviceInfo

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bbc53e333f88b0994c37cccf2bd006a6

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

comctl32

shell32

comdlg32

shlwapi

ws2_32

mswsock

ole32

bthprops.cpl

Sections

.text Size: 39KB - Virtual size: 39KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 171KB - Virtual size: 171KB

.reloc Size: 19KB - Virtual size: 22KB

.text
Size: 39KB - Virtual size: 39KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 171KB - Virtual size: 171KB

.reloc
Size: 19KB - Virtual size: 22KB