f5d4e830178067653ccd6367aa5d687d7cc0b26015c8b512623cbc011ee8b81d

Sharing

Copy URL Twitter E-mail

General

Target

f5d4e830178067653ccd6367aa5d687d7cc0b26015c8b512623cbc011ee8b81d
Size

59KB
MD5

4b3d8889e248933a6d0f2ff32a8f7c10
SHA1

f4cc57f963f3fa8666caebac4fdcd59fb0a603ae
SHA256

f5d4e830178067653ccd6367aa5d687d7cc0b26015c8b512623cbc011ee8b81d
SHA512

3bbc390c17045e02684a62b296365572426085faabc7958bfa5fea62957277b0cbab9c5621178daaab00ccfb2800a8c2d34b0c8429a2d6d1779f6262d34fca59
SSDEEP

768:3OCkhKlK5wnUK8A9ZoQKkeqQV7tPNXXx+objvPEIiWltLk/YBydZm8yqVTXsYvjx:38Kd8jrkeqo7tFXgEz2Kt3Bydw8bTc

Score

N/A

Malware Config

Signatures

Files

f5d4e830178067653ccd6367aa5d687d7cc0b26015c8b512623cbc011ee8b81d
.exe windows x86

5de20c39f40a4159289a19e0ed25fa2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
LoadLibraryW
lstrlenW
GetLastError
GetCurrentThreadId
CreateThread
SetEvent
OpenEventW
GetCurrentProcessId
GetModuleHandleA
lstrlenA
OpenProcess
GetNumberFormatW
GetLocaleInfoW
CreateEventW
lstrcmpiW
Sleep
MapViewOfFile
lstrcmpW
WaitForSingleObject
UnmapViewOfFile
WideCharToMultiByte
LocalAlloc
LocalFree
InterlockedIncrement
LoadLibraryA
InterlockedDecrement
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetUnhandledExceptionFilter
RtlUnwind
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
SetProcessWorkingSetSize
GetExitCodeProcess
CloseHandle
GetTickCount
GetProcAddress
FreeLibrary
LoadLibraryExW
OpenFileMappingW

gdi32

DeleteObject

user32

GetUserObjectInformationW
GetThreadDesktop
GetProcessWindowStation
SendDlgItemMessageW
SetDlgItemTextW
RegisterWindowMessageW
GetDlgItem
SetWindowTextW
SetForegroundWindow
GetLastActivePopup
EnableWindow
ShowWindow
DestroyWindow
PostThreadMessageW
SetWindowPos
SystemParametersInfoW
GetWindowRect
SendMessageW
IsWindowVisible
IsWindow
DispatchMessageW
TranslateMessage
IsDialogMessageW
GetMessageW
MsgWaitForMultipleObjects
PeekMessageW
GetDlgCtrlID
ChildWindowFromPointEx
ScreenToClient
GetWindowLongW
SetWindowLongW
CreateDialogParamW
PostMessageW
PostQuitMessage
RegisterClassExW
DefWindowProcW
CreateWindowExW
EndDialog

msvcrt

_acmdln
_initterm
_controlfp
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
exit
_ismbblead
_exit
_cexit
__getmainargs
_vsnprintf
_vsnwprintf
memset
memcpy
_XcptFilter

cmutil

??1CmLogFile@@QAE@XZ
CmAtolW
CmIsDigitW
ReleaseBold
MakeBold
CmLoadStringW
CmWinHelp
??0CmLogFile@@QAE@XZ
??0CIniW@@QAE@PAUHINSTANCE__@@PBG111@Z
?GetPrimaryRegPath@CIniW@@QBEPBGXZ
CmStrCpyAllocW
?SetPrimaryRegPath@CIniW@@QAEXPBG@Z
?Init@CmLogFile@@QAEJPAUHINSTANCE__@@HPBG@Z
?GPPI@CIniW@@QBEKPBG0K@Z
?SetParams@CmLogFile@@QAEJHKPBG@Z
?Start@CmLogFile@@QAEJH@Z
?Stop@CmLogFile@@QAEJXZ
?Log@CmLogFile@@QAAXW4_CMLOG_ITEM@@ZZ
CmFmtMsgW
GetOSVersion
GetOSMajorVersion
?DeInit@CmLogFile@@QAEJXZ
??1CIniW@@QAE@XZ
CmLoadIconW
CmLoadSmallIconW
IsLogonAsSystem
?GPPB@CIniW@@QBEHPBG0H@Z
?Clear@CIniW@@QAEXXZ
?SetHInst@CIniW@@QAEXPAUHINSTANCE__@@@Z
?SetFile@CIniW@@QAEXPBG@Z
?GPPS@CIniW@@QBEPAGPBG00@Z
?GetFile@CIniW@@QBEPBGXZ
CmBuildFullPathFromRelativeW
?SetPrimaryFile@CIniW@@QAEXPBG@Z
CmMalloc
CmFree

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5de20c39f40a4159289a19e0ed25fa2b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

msvcrt

cmutil

Sections

.text Size: 34KB - Virtual size: 34KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 20KB - Virtual size: 23KB

.text
Size: 34KB - Virtual size: 34KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 20KB - Virtual size: 23KB