3f8f3e622a0ea314d6b5b82d4782189cc9a3a925bfcff86c6d48dc2e2328ba6f

General

Target

3f8f3e622a0ea314d6b5b82d4782189cc9a3a925bfcff86c6d48dc2e2328ba6f
Size

844KB
MD5

7265f0a740dee65d66246dd581eba290
SHA1

9a5df0379d7bca3e14682a41001c4ca4edf29f62
SHA256

3f8f3e622a0ea314d6b5b82d4782189cc9a3a925bfcff86c6d48dc2e2328ba6f
SHA512

438987de3648e57904ed6d9747bdaad43d420d81fabae0cd4f66c0335c2c423a7c7d8dcc9339aa3b53760f66a354fea3869a9fe734c674c3cbad8c7879a26185
SSDEEP

12288:PdmSxqyxXjxaJd2JkwCjPtfyvkcFdCb4ZsWaY5DlwDu3NwCFDoaspdt77B:PvdXjwWKBjZwkZ4ObkBNNpE7t77

Score

N/A

Malware Config

Signatures

Files

3f8f3e622a0ea314d6b5b82d4782189cc9a3a925bfcff86c6d48dc2e2328ba6f
.exe windows x86

316ef055187ff9441ac54eafcaa30729

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

dsprop

FindSheet
ErrMsg
CheckADsError
ReportError
MsgBox

msasn1

ASN1BERDecEoid
ASN1BERDecBool
ASN1BERDecCheck
ASN1BERDecNull
ASN1BERDecCharString

uxtheme

GetThemeSysSize
GetThemeTextExtent
CloseThemeData
DrawThemeBackground
SetWindowTheme
GetThemeBool
IsThemeActive
GetWindowTheme

crypt32

CertFindCRLInStore
CertOpenStore
CertControlStore
CertSaveStore
CertFreeCRLContext

kernel32

EncodePointer
CreateSemaphoreA
LoadLibraryA
FindResourceA
VirtualQueryEx
CreatePipe
lstrcmpiA
GetProcAddress
IsBadWritePtr
lstrcpynA
lstrcmpA
GetComputerNameA
GetFileSize
SetCurrentDirectoryA
CreateMutexA
GetBinaryTypeA
OpenMutexA
CopyFileA
GetEnvironmentVariableA
HeapCreate
GetAtomNameA
SetFileAttributesA
QueryDosDeviceA
CreateEventA

wtsapi32

WTSSetSessionInformationA
WTSWaitSystemEvent
WTSFreeMemory
WTSRegisterSessionNotification
WTSQueryUserToken
WTSLogoffSession
WTSVirtualChannelWrite
WTSSendMessageA
WTSEnumerateServersA
WTSCloseServer

clbcatq

CheckMemoryGates
SetSetupSave
ComPlusMigrate
SetupOpen
DllGetClassObject

Sections

.code
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 805KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

316ef055187ff9441ac54eafcaa30729

Headers

DLL Characteristics

File Characteristics

Imports

dsprop

msasn1

uxtheme

crypt32

kernel32

wtsapi32

clbcatq

Sections

.code Size: 38KB - Virtual size: 38KB

.rsrc Size: 805KB - Virtual size: 2.2MB

.code
Size: 38KB - Virtual size: 38KB

.rsrc
Size: 805KB - Virtual size: 2.2MB