f1ec6dcb035676db99362eef408a671d66066c450a27329ac14ab785ec0eb1bd

Sharing

Copy URL Twitter E-mail

General

Target

f1ec6dcb035676db99362eef408a671d66066c450a27329ac14ab785ec0eb1bd
Size

473KB
MD5

08f7d24136d72cce5f9969ac3bef1920
SHA1

d686ed7fe2842a4a045fbdcf3df05c4a8e890ebc
SHA256

f1ec6dcb035676db99362eef408a671d66066c450a27329ac14ab785ec0eb1bd
SHA512

450795f61ff7602a5fc3e652847d4112bff846263e8b973e33466f06e4bc1d9046cd540d4bb6b2e574eef99d3267a67cba6afcdfd0a3e173cdd97ded3836cf17
SSDEEP

6144:+2o9js+W8g/Mm7bEa653fzuo9d3DGSFks/NDKUZHQ:2Q8g/MmnEPl9nFks/1K

Score

N/A

Malware Config

Signatures

Files

f1ec6dcb035676db99362eef408a671d66066c450a27329ac14ab785ec0eb1bd
.exe windows x86

33f05b4301f9a12d53fef3fcb5c0093e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlIsTextUnicode
RtlUshortByteSwap
iswctype
wcsncpy
_wcsnicmp
memcmp
memcpy
wcscmp
swprintf
memset
wcslen
_wcsicmp
wcscpy
RtlDetermineDosPathNameType_U

comctl32

ImageList_Create
ImageList_Remove
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Destroy

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

skinmagicu

ord4
ord1
ord8

kernel32

FindFirstFileW
GetCurrentProcess
GetLogicalDrives
GetUserDefaultLangID
Sleep
TerminateThread
SetPriorityClass
MultiByteToWideChar
CreateThread
GetWindowsDirectoryW
GetCurrentThreadId
FindNextFileW
SetProcessWorkingSetSize
SetCurrentDirectoryW
GetModuleHandleW
SearchPathW
GetFileAttributesW
CreateFileW
GetLastError
SetLastError
CloseHandle
SetFilePointer
HeapAlloc
HeapFree
GetProcessHeap
ReadFile
DeleteFileW
SetFileAttributesW
GetDriveTypeW
GetVolumeInformationW
GetFileSize
WriteFile
GetModuleFileNameW
FlushFileBuffers
FindClose

user32

SetTimer
GetMessageW
PostQuitMessage
TrackPopupMenu
EnableWindow
IsDlgButtonChecked
ShowWindow
CheckDlgButton
EndDialog
GetDlgItem
SetClassLongW
LoadIconW
SetDlgItemInt
SetForegroundWindow
GetDlgItemInt
UnregisterDeviceNotification
RegisterDeviceNotificationW
DestroyIcon
UpdateWindow
SendMessageW
GetSystemMetrics
MessageBoxW
PostMessageW
DestroyWindow
DispatchMessageW
GetWindow
GetWindowThreadProcessId
DefWindowProcW
DestroyMenu
RegisterClassW
MessageBoxIndirectW
SetMenuDefaultItem
CreateWindowExW
CreateDialogParamW
GetCursorPos
SetWindowPos
LoadMenuW
TranslateMessage
DialogBoxParamW
GetSubMenu
KillTimer
UnregisterClassW
RegisterWindowMessageW

advapi32

RegCloseKey
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegNotifyChangeKeyValue
RegQueryValueExW

shell32

ShellExecuteW
Shell_NotifyIconW
SHGetFileInfoW

ole32

CoUninitialize
CoInitializeEx

shlwapi

PathAppendW

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 454KB - Virtual size: 455KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vltcloj
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

33f05b4301f9a12d53fef3fcb5c0093e

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

comctl32

version

skinmagicu

kernel32

user32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 244B

.rsrc Size: 454KB - Virtual size: 455KB

vltcloj Size: - Virtual size: 4KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 244B

.rsrc
Size: 454KB - Virtual size: 455KB

vltcloj
Size: - Virtual size: 4KB