0701aa45b664f6545b63cded09120455fafb1ad02c6d1d0f957d3e30ff640644

Sharing

Copy URL Twitter E-mail

General

Target

0701aa45b664f6545b63cded09120455fafb1ad02c6d1d0f957d3e30ff640644
Size

232KB
MD5

0ae5f64971756d27ee3a47ac7e725d2c
SHA1

54d4ae3c8a0ad03b50510ee9c72bff2717e6d2e6
SHA256

0701aa45b664f6545b63cded09120455fafb1ad02c6d1d0f957d3e30ff640644
SHA512

6d8f824a3e93e317b969f009694a937efd79ec180f72e5f7fe437245ab8214f53f5c665e5762a6d5c1b86199097cff1d82b8f231e88d4a48c50ceffc0d475127
SSDEEP

3072:MvPuPxy5tcMv1hcKGy65b8tiT8UhNOtFsuImMHHp7a2CeZxdjsV4YDyPtP:Ml5td1aV59kFIhHHpPZPVY

Score

N/A

Malware Config

Signatures

Files

0701aa45b664f6545b63cded09120455fafb1ad02c6d1d0f957d3e30ff640644
.exe windows x86

053dee9ea6b406071337017da0880425

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragAcceptFiles
DllUnregisterServer
SHGetDiskFreeSpaceA
SHGetDataFromIDListA
DragQueryPoint
ExtractIconA
DuplicateIcon
SHFileOperationA
SHGetMalloc
SHGetDesktopFolder
SHCreateShellItem
SHFree
FindExecutableA
DragQueryFileA
StrChrA

uxtheme

DrawThemeEdge
GetThemeBool
IsThemeActive
DrawThemeBackground
GetThemeSysSize
CloseThemeData
GetThemeTextMetrics
SetWindowTheme
OpenThemeData
GetWindowTheme
GetThemeFilename
GetThemeColor

clbcatq

DowngradeAPL
CoRegCleanup
ComPlusMigrate
SetSetupOpen

msimg32

vSetDdrawflag
AlphaBlend
DllInitialize
TransparentBlt
GradientFill

user32

PostMessageW
GetDlgItemTextW
DialogBoxParamA
FlashWindow
LoadMenuW
DrawStateA
IsZoomed
IsDialogMessageW
PeekMessageW
GetPropW
InsertMenuA
GetClassLongA
LoadBitmapA
DispatchMessageW
ShowWindow
CharToOemA
GetMessageW
LoadCursorA

kernel32

GetCurrentDirectoryA
GetFullPathNameW
Sleep
VirtualProtect
GetCurrentProcess
GetNumberFormatW
CreateNamedPipeA
GetProcessId
LoadLibraryW
CloseHandle
GetModuleHandleA
HeapSize
GetCommandLineA

dhcpcsvc

McastApiStartup
DhcpFreeMem

wtsapi32

WTSSetSessionInformationW
WTSEnumerateProcessesA
WTSQuerySessionInformationA
WTSVirtualChannelQuery
WTSRegisterSessionNotification
WTSEnumerateServersA
WTSVirtualChannelClose
WTSVirtualChannelOpen
WTSVirtualChannelPurgeInput
WTSUnRegisterSessionNotification

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

053dee9ea6b406071337017da0880425

Headers

DLL Characteristics

File Characteristics

Imports

shell32

uxtheme

clbcatq

msimg32

user32

kernel32

dhcpcsvc

wtsapi32

Sections

.text Size: 28KB - Virtual size: 24KB

.data Size: 24KB - Virtual size: 22KB

.rsrc Size: 176KB - Virtual size: 173KB

.text
Size: 28KB - Virtual size: 24KB

.data
Size: 24KB - Virtual size: 22KB

.rsrc
Size: 176KB - Virtual size: 173KB