c104083d22139646dddbfb359fee13fd82da6aaaad127e5b87e82add20e74067

Sharing

Copy URL Twitter E-mail

General

Target

c104083d22139646dddbfb359fee13fd82da6aaaad127e5b87e82add20e74067
Size

154KB
MD5

811f7bdd5a6fedb16c34715150801ae5
SHA1

78609dedc05f8b4a62753b6ac8841163f5e5627a
SHA256

c104083d22139646dddbfb359fee13fd82da6aaaad127e5b87e82add20e74067
SHA512

576c56eae7c045751629c0d9375fbbba1e760c933420cde14d40e02c86922e730cea5ca0e15548a5748f05d8cdb541b16a3ecd003cb4d80e96e876995d4c86d0
SSDEEP

3072:U/f5OkHQa5L3z90hDOCtYgt9Adzcjl9+PEEFVlBt16aAaW6VxeyjXdC01D:azvQsdsl2VFVlBt1rB/xeyjXdb

Score

N/A

Malware Config

Signatures

Files

c104083d22139646dddbfb359fee13fd82da6aaaad127e5b87e82add20e74067
.exe windows x86

3227ca6be3110db2e07afea42b2ce9aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA

kernel32

GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
lstrcmpiA
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
GetACP
FindResourceA
FindResourceExA
CloseHandle
CreateMutexA
GetLastError
CreateProcessA
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
lstrcpynA
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
LoadLibraryExA
IsDBCSLeadByte
WaitForSingleObject
SetEvent
CreateThread
CreateEventA
lstrcpyA
lstrcatA
LoadLibraryA
GetStringTypeA
LCMapStringW
InterlockedExchange
LoadResource
LCMapStringA
GetStringTypeW
RtlUnwind
HeapSize
GetCPInfo
GetOEMCP
GetProcessHeap
FlushFileBuffers
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualProtect
SetFilePointer
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsFree
SetLastError
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc

user32

DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassExA
GetSystemMetrics
CreateWindowExA
LoadMenuA
GetSubMenu
GetCursorPos
wsprintfA
TrackPopupMenuEx
PostMessageA
DestroyMenu
PostQuitMessage
CharUpperA
SetForegroundWindow
CharNextA
DestroyWindow
LoadImageA
DestroyIcon
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA

ole32

CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoSetProxyBlanket
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoUninitialize

oleaut32

VariantInit
SysFreeString
VarUI4FromStr
SafeArrayGetElement
VariantClear
SysAllocStringLen
SysStringLen
SysAllocString

comctl32

InitCommonControlsEx

shell32

Shell_NotifyIconA

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3227ca6be3110db2e07afea42b2ce9aa

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

ole32

oleaut32

comctl32

shell32

Sections

.text Size: 51KB - Virtual size: 51KB

.data Size: 3KB - Virtual size: 10KB

.rsrc Size: 26KB - Virtual size: 26KB

.edata Size: 72KB - Virtual size: 72KB

.text
Size: 51KB - Virtual size: 51KB

.data
Size: 3KB - Virtual size: 10KB

.rsrc
Size: 26KB - Virtual size: 26KB

.edata
Size: 72KB - Virtual size: 72KB