7d24637ef5113cf19c646718109e2facadf2e26cbe11e7a279809411f304f41c

Sharing

Copy URL Twitter E-mail

General

Target

7d24637ef5113cf19c646718109e2facadf2e26cbe11e7a279809411f304f41c
Size

313KB
MD5

4104801bafb5ed82ae5f05fcb75c7f50
SHA1

78c837e2e292c1438cec9484a3cde086a0fb3ce3
SHA256

7d24637ef5113cf19c646718109e2facadf2e26cbe11e7a279809411f304f41c
SHA512

2395d7a2ada1bd34373c3ca2f7f501c555206a053131c552cabfe390231c105196351d7c501654c0501c52bbbdd1196292721fb23f64237d5e9bc1665a2845fd
SSDEEP

6144:Cunq+HYX+K4IpodMp3O1ytyJguekjJfBA9QjEXWSQ:CufHCsc7yymgbcBA9QQXWp

Score

N/A

Malware Config

Signatures

Files

7d24637ef5113cf19c646718109e2facadf2e26cbe11e7a279809411f304f41c
.exe windows x86

94c2dee99e400e3eab3409e86db28f92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadImageW
DrawTextW
CopyRect
GetSystemMetrics
GetWindow
DestroyWindow
GetWindowLongW
MapWindowPoints
DialogBoxParamW
GetClientRect
SetWindowPos
GetDlgItem
GetDlgItemTextW
EnableWindow
SendDlgItemMessageW
SetWindowLongW
EndDialog
GetDialogBaseUnits
SetWindowTextW
SystemParametersInfoW
MessageBoxW
SetFocus
SendMessageW
ShowWindow
GetWindowRect
GetParent
LoadStringW
CharNextW
CreateDialogParamW
SetDlgItemTextW

kernel32

GetCurrentProcess
HeapDestroy
GetCurrentProcessId
lstrcmpiW
VirtualFree
GetTickCount
lstrlenW
EnterCriticalSection
FreeLibrary
GetEnvironmentStringsA
LoadLibraryExW
GetLastError
GetProcessHeap
FormatMessageW
SetLastError
GetModuleFileNameW
LocalFree
lstrlenA
GetSystemInfo
DeleteCriticalSection
SetUnhandledExceptionFilter
HeapFree
LeaveCriticalSection
InterlockedDecrement
GetSystemTimeAsFileTime
GetUserDefaultLCID
LoadResource
QueryPerformanceCounter
GlobalFindAtomW
LoadLibraryW
FindResourceW
SizeofResource
lstrcatW
LoadLibraryA
HeapAlloc
FlushInstructionCache
lstrcpynW
GetProcAddress
GetStartupInfoA
InterlockedIncrement
MultiByteToWideChar
lstrcpyW
OutputDebugStringA
RemoveDirectoryA

msvcrt

wcscat
?terminate@@YAXXZ
__CxxFrameHandler
malloc
wcscmp
??1type_info@@UAE@XZ
wcslen
realloc
_adjust_fdiv
_except_handler3
_initterm
wcsncpy
free
??2@YAPAXI@Z
swprintf
??3@YAXPAX@Z

advapi32

RegCreateKeyExW
RegQueryValueExW
RegDeleteKeyW
RegSetValueExW
GetTraceEnableFlags
RegCloseKey
RegisterTraceGuidsW
RegDeleteValueW
RegOpenKeyExW
UnregisterTraceGuids
GetTraceLoggerHandle
RegQueryInfoKeyW
GetTraceEnableLevel
RegEnumKeyExW
TraceMessage

rpcrt4

CStdStubBuffer_DebugServerQueryInterface
NdrCStdStubBuffer_Release
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
NdrDllUnregisterProxy
NdrOleAllocate
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Disconnect
NdrDllCanUnloadNow
CStdStubBuffer_CountRefs
CStdStubBuffer_Invoke
NdrDllRegisterProxy
NdrOleFree
NdrDllGetClassObject
CStdStubBuffer_QueryInterface

url

OpenURLA
OpenURL
TelnetProtocolHandler
TelnetProtocolHandlerA

shell32

ShellExecuteW
SHGetFolderPathW

wldap32

ldap_count_entries
ldap_controls_freeW
ldap_count_references
ldap_count_values

Sections

text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94c2dee99e400e3eab3409e86db28f92

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

msvcrt

advapi32

rpcrt4

url

shell32

wldap32

Sections

text Size: 124KB - Virtual size: 123KB

.rdata Size: 156KB - Virtual size: 159KB

.rsrc Size: 31KB - Virtual size: 30KB

text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 156KB - Virtual size: 159KB

.rsrc
Size: 31KB - Virtual size: 30KB