44837601ee0ca7dd7db4ffb23b53270b1e2a39752236e3fe3c7473fca8211018

Sharing

Copy URL Twitter E-mail

General

Target

44837601ee0ca7dd7db4ffb23b53270b1e2a39752236e3fe3c7473fca8211018
Size

300KB
MD5

52062a093948b8496773a0b4cc8972b0
SHA1

35d717f7fef4fc64a18054f29328c068503e4b8c
SHA256

44837601ee0ca7dd7db4ffb23b53270b1e2a39752236e3fe3c7473fca8211018
SHA512

2dea9925d33eea9031f8d1aa00b27c34531187a33fe7d5fd5798ec37f6e4fcbe4345a9cf685ab7b2f39d0b08f8af7dd7a1fae9da3b6f0719ef22904d42bb23c8
SSDEEP

6144:mXSMHXmpvMAKgXNOYUr0MbudN88uPIOmhUfyyd28:mXjuMAK+trN0PIjhUKB

Score

N/A

Malware Config

Signatures

Files

44837601ee0ca7dd7db4ffb23b53270b1e2a39752236e3fe3c7473fca8211018
.exe windows x86

ce04b707b6126ebf62e761755f2ff217

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommTimeouts
GetTimeZoneInformation
WaitNamedPipeW
GetLastError
GetShortPathNameA
GetConsoleScreenBufferInfo
GetAtomNameW
CreateIoCompletionPort
SetConsoleTextAttribute
CreateSemaphoreW
GetLogicalDriveStringsA
CreateFiber
SetConsoleActiveScreenBuffer
EnumResourceTypesA
GetCurrentProcess
VirtualQuery
GetTapeStatus
OpenFile
InitializeCriticalSection
TerminateThread
GetProcAddress
EnumCalendarInfoW
DosDateTimeToFileTime
GlobalGetAtomNameA
InterlockedCompareExchange
DisconnectNamedPipe
SetConsoleWindowInfo
GetConsoleMode
GetCurrentDirectoryW
WaitCommEvent
VirtualProtect
FindAtomA
GlobalDeleteAtom
EnumCalendarInfoA
CreateConsoleScreenBuffer
GetWindowsDirectoryW
GlobalUnlock
WriteFile
HeapDestroy
OpenFileMappingW
EnumSystemLocalesA
GetCommTimeouts
SetThreadIdealProcessor
lstrcpyA
GetCommandLineW
FlushInstructionCache
GetModuleHandleA
MultiByteToWideChar
FreeLibrary
CallNamedPipeA
LCMapStringA
GetDateFormatW
SetNamedPipeHandleState
CompareStringW
GetPrivateProfileSectionW
_lopen
GetCompressedFileSizeW
WriteProcessMemory
SetEndOfFile
SleepEx
FileTimeToDosDateTime
GetHandleInformation
GlobalSize
GetSystemTimeAdjustment
DeleteAtom
GetVersionExA
MoveFileA
GlobalAlloc
ExitProcess
GetUserDefaultLangID
GetThreadContext
GetStartupInfoW
CreateNamedPipeW
WriteProfileStringW
GetPrivateProfileIntW
TryEnterCriticalSection
GetNumberFormatA
CreateWaitableTimerW
UpdateResourceA
GetProfileIntA
IsDebuggerPresent
GetStdHandle
GetFileSize
GetComputerNameA
CreateProcessA
WriteConsoleOutputA
WritePrivateProfileStringW
HeapAlloc
GetVolumeInformationA
lstrcmpiW
GlobalFindAtomA
ScrollConsoleScreenBufferA
GetStartupInfoA

user32

OemToCharA
SetWindowTextW
NotifyWinEvent
GetWindowThreadProcessId
DestroyCaret
ToAscii
RemovePropW
IsCharAlphaNumericA
GetClassNameA
CharLowerBuffW
CascadeWindows
CharUpperW
CloseWindow
GetDC
EnumDisplaySettingsW
DeferWindowPos
SetProcessWindowStation

gdi32

CreateFontIndirectW
SetBitmapDimensionEx
UnrealizeObject
GetTextCharsetInfo
PolyBezier
GetTextFaceA
CreateRoundRectRgn
StretchBlt

comdlg32

ReplaceTextW
GetFileTitleA
ChooseFontW

advapi32

SetNamedSecurityInfoA
LookupAccountNameA
DuplicateTokenEx
AllocateLocallyUniqueId
RegSetValueW
UnlockServiceDatabase
RegOpenKeyExA
CreateServiceW
RegOpenKeyA
LogonUserW
BuildTrusteeWithNameW
RegRestoreKeyA
SetTokenInformation
RegSaveKeyW
IsValidSecurityDescriptor
SetPrivateObjectSecurity
ObjectDeleteAuditAlarmW
GetSecurityDescriptorControl
GetSecurityDescriptorGroup
OpenSCManagerA
CryptDestroyHash
RegNotifyChangeKeyValue
SetServiceStatus
StartServiceW
GetSidIdentifierAuthority
IsTextUnicode
GetServiceKeyNameW
MakeAbsoluteSD
CreateServiceA
RegQueryValueA
AdjustTokenPrivileges
CloseServiceHandle
QueryServiceConfigW
SetSecurityInfo
ImpersonateLoggedOnUser

shell32

ShellExecuteExW
SHAppBarMessage
SHGetSpecialFolderPathW
ShellExecuteExA

ole32

CoGetTreatAsClass
OleConvertOLESTREAMToIStorage
StgCreateDocfileOnILockBytes

oleaut32

GetActiveObject
VariantCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayCreate
SysAllocStringLen
VariantChangeType
SysAllocString
SafeArrayGetLBound

shlwapi

PathFindExtensionA
PathUnquoteSpacesW
PathCombineW
PathIsRootW
PathIsRootA
SHCopyKeyA
SHDeleteValueW
PathStripPathA
PathIsUNCServerW
SHRegCreateUSKeyW
SHRegWriteUSValueW
PathIsFileSpecA
wvnsprintfW
PathUndecorateW

setupapi

SetupDiEnumDeviceInterfaces
SetupGetBinaryField
SetupDiGetClassDescriptionW
SetupGetLineCountA
SetupDiCreateDeviceInfoA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupLogErrorW
SetupDiCreateDeviceInfoW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce04b707b6126ebf62e761755f2ff217

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

msvcrt

Sections

.text Size: 272KB - Virtual size: 271KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 272KB - Virtual size: 271KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 8KB