71b9cba71637f00137f96320281a09d03432d92664c100bc3f91ec57cdcc54d7

Sharing

Copy URL Twitter E-mail

General

Target

71b9cba71637f00137f96320281a09d03432d92664c100bc3f91ec57cdcc54d7
Size

183KB
MD5

849df96d537d809008b3f807cc4d7340
SHA1

f19392c8291344607b88afe9375e5e9fecd863af
SHA256

71b9cba71637f00137f96320281a09d03432d92664c100bc3f91ec57cdcc54d7
SHA512

f330cf09464e3111beabb505c611f80234877e49c28b7c4f6eb5edaac0cd12dd1d8568d21f4c721cf93acf76da907c10049ceac6afbef0402b10ada81647a2e9
SSDEEP

3072:/mlov+3BrqVW4HcLXJRLFXnQjKOiiRiwa8EPRYU0ON+4UM9AJqMMrB06:wRuVxHcbTLFXLxZAgRNTUM9tfl

Score

N/A

Malware Config

Signatures

Files

71b9cba71637f00137f96320281a09d03432d92664c100bc3f91ec57cdcc54d7
.exe windows x86

669c59b993efdb467575bbb84a17659b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

CommDlgExtendedError

kernel32

MapViewOfFile
MoveFileExA
MultiByteToWideChar
OpenFile
OpenProcess
Process32First
Process32Next
SetEndOfFile
SetEnvironmentVariableA
LocalAlloc
SetFilePointer
SetLastError
TerminateProcess
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForSingleObject
WinExec
GetWindowsDirectoryA
GetVersionExA
CloseHandle
GetUserDefaultLangID
GetSystemDirectoryA
GetStartupInfoA
GetShortPathNameA
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetLastError
GetFullPathNameA
GetFileSize
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
GetCurrentDirectoryA
GetComputerNameA
FreeLibrary
FormatMessageA
FindNextFileA
FindFirstFileA
FindClose
ExitProcess
DeleteFileA
CreateToolhelp32Snapshot
CreateProcessA
CreateFileMappingA
CreateFileA
CreateDirectoryA
CopyFileA
SetFileAttributesA

ole32

CoInitialize
CoUninitialize

user32

SendMessageA
MessageBoxA
LoadStringA
IsDlgButtonChecked
GetWindowInfo
SetCapture
GetDlgItem
GetDC
EnableWindow
DialogBoxParamA
CreateCursor
CopyRect
GetSystemMetrics
SetDlgItemTextA
GetWindowRect
EndDialog

shell32

ShellExecuteW
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation

advapi32

SetSecurityDescriptorOwner
GetUserNameA
GetLengthSid
FreeSid
DeleteService
ControlService
CloseServiceHandle
AllocateAndInitializeSid
AdjustTokenPrivileges
AddAccessAllowedAce
InitializeAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenServiceA
OpenThreadToken
QueryServiceStatus
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RevertToSelf
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
ImpersonateSelf

shlwapi

PathIsDirectoryA

oleaut32

SysFreeString
VarUI4FromStr

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

BeginSession
FIsHTMLFileW
GetRichEdClassStringW
HrGetStreamPos
OpenDatabase
ProcessBatch2
SetViewport

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

669c59b993efdb467575bbb84a17659b

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

kernel32

ole32

user32

shell32

advapi32

shlwapi

oleaut32

version

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 111KB - Virtual size: 110KB

.data Size: 16KB - Virtual size: 17KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 111KB - Virtual size: 110KB

.data
Size: 16KB - Virtual size: 17KB

.rsrc
Size: 9KB - Virtual size: 8KB