177d88c32c202bc3ba5aa47e0f1d91bc998f63f5835cf76d51d4625e7a65b0d2

General

Target

177d88c32c202bc3ba5aa47e0f1d91bc998f63f5835cf76d51d4625e7a65b0d2
Size

88KB
MD5

819a7e59dce4a4123dfe1e04d77360a0
SHA1

a2a288a9155f9958b64aebc65dc287990fe49912
SHA256

177d88c32c202bc3ba5aa47e0f1d91bc998f63f5835cf76d51d4625e7a65b0d2
SHA512

d1d2ba75b61239e8fc36c4960f9e9ef70910937f18f7b8f8c710fe48f37d70be1d3c783774f58aa62eacc2069155ad8a314e34ba4c716b30f28cf677e8d5c4bf
SSDEEP

768:CJrPC+ikG3S9e9nzzzzzzzzzzzzzzzzzzKeJrPj+uutPOhKby:CJ7TG3S9UieJf6iO

Score

N/A

Malware Config

Signatures

Files

177d88c32c202bc3ba5aa47e0f1d91bc998f63f5835cf76d51d4625e7a65b0d2
.exe windows x86

0629fb9cc90808970771d47dc3bc44eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

upnphost

DllRegisterServer
DllUnregisterServer
ServiceMain
DllGetClassObject

ctl3d32

Ctl3dRegister
Ctl3dCtlColor
Ctl3dEnabled
Ctl3dUnregister

user32

GetWindowLongA
CharToOemA
PostMessageA
CreateWindowExW
GetCaretPos
LoadImageW
IsCharLowerA
GetWindowTextA
GetMessageA
IsDialogMessageA
LoadCursorA
IsZoomed
IsWindow
DispatchMessageA

kernel32

GetDateFormatW
WriteProcessMemory
FindResourceExA
GetTimeFormatA
InterlockedExchange
GetAtomNameA
GetFullPathNameA
LoadLibraryA
GetNumberFormatA
SleepEx
SetErrorMode
GetProcessHeap
SetLastError
CompareStringW
HeapCreate

wtsapi32

WTSRegisterSessionNotification
WTSWaitSystemEvent
WTSEnumerateSessionsA
WTSQueryUserToken
WTSVirtualChannelClose
WTSVirtualChannelQuery
WTSSetSessionInformationA
WTSQuerySessionInformationA
WTSVirtualChannelOpen
WTSEnumerateServersA
WTSFreeMemory
WTSCloseServer
WTSLogoffSession
WTSVirtualChannelWrite
WTSSendMessageA
WTSVirtualChannelRead

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0629fb9cc90808970771d47dc3bc44eb

Headers

File Characteristics

Imports

upnphost

ctl3d32

user32

kernel32

wtsapi32

Sections

.text Size: 60KB - Virtual size: 56KB

.data Size: 12KB - Virtual size: 8KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 60KB - Virtual size: 56KB

.data
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 12KB - Virtual size: 11KB