57ca422d685efde65ca8e40d4735443ea963cc322b9fe3679d584754f80711ad

Sharing

Copy URL Twitter E-mail

General

Target

57ca422d685efde65ca8e40d4735443ea963cc322b9fe3679d584754f80711ad
Size

320KB
MD5

5b4fbcc86933dfbe60ae9074cb171060
SHA1

b91b6e724f556cf0dd3b33491addd992d74f717e
SHA256

57ca422d685efde65ca8e40d4735443ea963cc322b9fe3679d584754f80711ad
SHA512

ae95cb1190cf851f1047ab4f5193b1e67db7f12af9ef68ba4004774db7f6e4d755a43f47eebca67a9593199345a1146ef99dcf37c012c3a229e03cf381a74f42
SSDEEP

6144:7LdPE0T/2xDdQn2err4z8ftgCl6mN26ssNOeWnePEq3QZoxknU:7Js0SxDdQ2Eqtt6KeWnePf5xn

Score

N/A

Malware Config

Signatures

Files

57ca422d685efde65ca8e40d4735443ea963cc322b9fe3679d584754f80711ad
.exe windows x86

1bf8bc47468bb0299cc40ed41c78a6ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamW
MessageBoxW
GetSystemMetrics
MapWindowPoints
CharNextW
CopyRect
ShowWindow
GetDialogBaseUnits
CreateDialogParamW
GetClientRect
GetDlgItemTextW
DestroyWindow
SetFocus
GetParent
SetWindowPos
SystemParametersInfoW
SetDlgItemTextW
EndDialog
GetWindowLongW
GetDlgItem
SetWindowLongW
GetWindow
SendDlgItemMessageW
DrawTextW
LoadStringW
SetWindowTextW
LoadImageW
SendMessageW
GetWindowRect
EnableWindow

kernel32

GetCurrentProcessId
GetUserDefaultLCID
LocalFree
FormatMessageW
VirtualFree
lstrlenW
HeapAlloc
GetProcAddress
HeapFree
lstrcatW
GetModuleFileNameW
FreeLibrary
GetEnvironmentStringsA
QueryPerformanceCounter
LeaveCriticalSection
LoadResource
lstrlenA
FindResourceW
lstrcpyW
GetLastError
GetSystemInfo
InterlockedIncrement
GetSystemTimeAsFileTime
MultiByteToWideChar
lstrcpynW
FlushInstructionCache
SetUnhandledExceptionFilter
GetCurrentProcess
OutputDebugStringA
SetLastError
lstrcmpiW
SizeofResource
DeleteCriticalSection
GetProcessHeap
EnterCriticalSection
HeapDestroy
InterlockedDecrement
GetTickCount
LoadLibraryA

advapi32

RegSetValueExW
RegDeleteKeyW
RegQueryValueExW
RegCloseKey
GetTraceLoggerHandle
RegQueryInfoKeyW
GetTraceEnableFlags
UnregisterTraceGuids
TraceMessage
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegisterTraceGuidsW
GetTraceEnableLevel

msvcrt

wcscat
_except_handler3
wcscmp
??1type_info@@UAE@XZ
?terminate@@YAXXZ
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
wcslen
wcsncpy
free
swprintf
_adjust_fdiv
malloc
_initterm
realloc

rpcrt4

NdrCStdStubBuffer_Release
NdrOleFree
IUnknown_QueryInterface_Proxy
CStdStubBuffer_CountRefs
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Disconnect
NdrOleAllocate
IUnknown_AddRef_Proxy
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
NdrDllUnregisterProxy
IUnknown_Release_Proxy
NdrDllRegisterProxy
NdrDllCanUnloadNow
NdrDllGetClassObject
CStdStubBuffer_DebugServerQueryInterface

shell32

ShellExecuteW
SHGetFolderPathW

untfs

Chkdsk
Extend
Format
ChkdskEx
Recover
FormatEx

ole32

CoTaskMemAlloc
CoSetProxyBlanket
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

gdi32

SetBkMode

netshell

HrGetIconFromMediaType

Sections

text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bf8bc47468bb0299cc40ed41c78a6ed

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

msvcrt

rpcrt4

shell32

untfs

ole32

gdi32

netshell

Sections

text Size: 85KB - Virtual size: 85KB

.rdata Size: 192KB - Virtual size: 205KB

.rsrc Size: 40KB - Virtual size: 40KB

text
Size: 85KB - Virtual size: 85KB

.rdata
Size: 192KB - Virtual size: 205KB

.rsrc
Size: 40KB - Virtual size: 40KB