928799bf5fa758c747a0b381b1ae1e3e377fa5631fcfa207ec38386bc47c0ef1

Sharing

Copy URL Twitter E-mail

General

Target

928799bf5fa758c747a0b381b1ae1e3e377fa5631fcfa207ec38386bc47c0ef1
Size

44KB
MD5

5d22c8b16501ee32894e7dcd7eaeac3b
SHA1

213f934bdc90b29f7ab68989f9d034d93508d685
SHA256

928799bf5fa758c747a0b381b1ae1e3e377fa5631fcfa207ec38386bc47c0ef1
SHA512

444594dcc9e00470f42ab3bb781f3d6d4a3ef019826168b545b1171034cf509c24b9e9572e4f77fd3bbb4f875415987968b595bbe9b4b0313269dceadcb3f950
SSDEEP

768:KP4vpJAcsI5iKgy30zM79rF3YJrmyEwwpqk9yPJjcN/Ce2qQiAZrw6dbj/5wj:KPYFskgy7pF3YJPafqWNd2qzAZr7dvRK

Score

N/A

Malware Config

Signatures

Files

928799bf5fa758c747a0b381b1ae1e3e377fa5631fcfa207ec38386bc47c0ef1
.exe windows x86

73054a8db131c60c892ce6fde5c03536

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatW
GetWindowsDirectoryW
LoadLibraryA
GetProcAddress
GetSystemInfo
VirtualAlloc
CreateFileW

user32

InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRgn
InvertRect
IsCharAlphaW
IsCharUpperA
IsRectEmpty
IsWindowUnicode
KillTimer
LoadAcceleratorsW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorFromFileW
LoadMenuA
LockSetForegroundWindow
MapVirtualKeyA
MessageBoxExW
MessageBoxIndirectW
ModifyMenuA
MonitorFromPoint
NotifyWinEvent
OffsetRect
OpenDesktopW
PaintDesktop
PostMessageA
PostMessageW
PostThreadMessageA
RealChildWindowFromPoint
RealGetWindowClass
RedrawWindow
RegisterClassA
RegisterClassExA
InflateRect
RegisterClassW
RegisterHotKey
RegisterShellHookWindow
RegisterWindowMessageA
RemoveMenu
ScrollDC
ScrollWindowEx
SendDlgItemMessageW
SendIMEMessageExA
SendMessageCallbackW
SendMessageTimeoutA
SendMessageTimeoutW
SendMessageW
SetCaretPos
SetDlgItemTextA
SetForegroundWindow
SetMenuDefaultItem
SetMenuInfo
SetMenuItemInfoW
SetMessageQueue
SetParent
SetProcessWindowStation
SetScrollInfo
SetThreadDesktop
SetUserObjectInformationW
SetWindowContextHelpId
SetWindowLongA
SetWindowTextA
SetWindowsHookA
SubtractRect
SystemParametersInfoW
TranslateAccelerator
TranslateAcceleratorW
UnregisterDeviceNotification
UpdateWindow
VkKeyScanA
WINNLSGetIMEHotkey
WaitMessage
WinHelpA
wvsprintfA
wvsprintfW
IMPSetIMEW
HiliteMenuItem
HideCaret
GetWindowModuleFileNameA
GetWindowLongA
GetWindowDC
GetUpdateRgn
GetTitleBarInfo
GetSystemMenu
GetScrollInfo
GetPropW
GetPropA
GetParent
GetNextDlgGroupItem
GetMonitorInfoW
GetMessagePos
GetMessageExtraInfo
GetMenuStringA
GetMenuItemID
GetMenuItemCount
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyNameTextW
GetKBCodePage
GetInputState
GetDlgItemTextA
GetCursorPos
GetCursorInfo
GetCursor
GetComboBoxInfo
GetClipboardFormatNameW
GetClipboardData
GetClipCursor
GetClassNameW
GetClassLongA
GetCaretBlinkTime
GetAsyncKeyState
GetAltTabInfoW
GetActiveWindow
FrameRect
ExcludeUpdateRgn
EnumWindowStationsA
EnumDisplaySettingsExW
EnumDisplayDevicesA
EnumDesktopsW
EnumDesktopWindows
EnumChildWindows
EndTask
EnableMenuItem
DrawStateA
DrawIcon
DrawFrameControl
DrawFrame
DragObject
DlgDirListW
DispatchMessageW
DestroyCaret
DefWindowProcW
DdeSetUserHandle
DdeQueryStringW
DdeQueryNextServer
DdePostAdvise
DdeKeepStringHandle
DdeInitializeA
DdeGetData
DdeFreeStringHandle
DdeDisconnectList
DdeCreateStringHandleW
DdeConnect
DdeCmpStringHandles
DdeAbandonTransaction
CreateMenu
CreateIconIndirect
CreateCursor
CreateAcceleratorTableA
CountClipboardFormats
CopyIcon
CopyAcceleratorTableA
CloseWindow
ClientToScreen
CheckMenuItem
CharUpperBuffW
CharUpperA
CharToOemA
CharPrevW
CharLowerBuffW
CharLowerBuffA
CharLowerA
ChangeMenuW
ChangeDisplaySettingsExA
CascadeWindows
CascadeChildWindows
CallMsgFilterA
BringWindowToTop
BlockInput
AttachThreadInput
AdjustWindowRect
RegisterClassExW

shell32

Shell_NotifyIconW
Shell_NotifyIconA
Shell_NotifyIcon
ShellHookProc
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteEx
ShellExecuteA
ShellAboutW
SHQueryRecycleBinW
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHPathPrepareForWriteA
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHIsFileAvailableOffline
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstA
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileA
DragQueryFileAorW
DragQueryFileW
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconA
ExtractIconEx
ExtractIconExW
ExtractIconW
FindExecutableA
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExA
SHCreateDirectoryExW
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHFileOperation
SHFileOperationA
SHFileOperationW
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListA
SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHInvokePrinterCommandA
SHInvokePrinterCommandW
WOWShellExecute

shlwapi

StrChrIA
StrChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrRChrIA
StrRChrIW
StrRChrW
StrRStrIA
StrRStrIW
StrStrA
StrStrIA
StrStrIW
StrStrW
StrChrA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73054a8db131c60c892ce6fde5c03536

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 516B

.text7 Size: 1024B - Virtual size: 1000B

.text5 Size: 55KB - Virtual size: 55KB

.text6 Size: 2KB - Virtual size: 1KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 516B

.text7
Size: 1024B - Virtual size: 1000B

.text5
Size: 55KB - Virtual size: 55KB

.text6
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 2KB