620cb3a0f2843d3a576da7bc3340fc606dd5b6a92f1ce1142f5c514bfd4dd302

Sharing

Copy URL Twitter E-mail

General

Target

620cb3a0f2843d3a576da7bc3340fc606dd5b6a92f1ce1142f5c514bfd4dd302
Size

265KB
MD5

dd633aebeccb7b74874b99303bed3382
SHA1

fb4d066e0d51f6285165fdb01677f1dd69033d37
SHA256

620cb3a0f2843d3a576da7bc3340fc606dd5b6a92f1ce1142f5c514bfd4dd302
SHA512

4d84f0a9b51c72cc0fc9318dafccd8ac5605e78786a48be0bf51f49f3c11d3773480ec0b5adc4321bceb6238e8467f569f23f0de2104929641e0df36c7a1e260
SSDEEP

3072:4wBAN2ntxFa6fIiQe09jpAg0FufsY+h4owtlczzuOrTYKNhdSANHZrbZwtlczzua:4wBANGjzN49jpAOk8stNhd3NZqa

Score

N/A

Malware Config

Signatures

Files

620cb3a0f2843d3a576da7bc3340fc606dd5b6a92f1ce1142f5c514bfd4dd302
.exe windows x86

006eafbdc15fd94c42305265034ff34a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuItemID
GetWindowPlacement
DestroyWindow
LoadIconA
SetTimer
EndDialog
PostMessageA
MessageBoxW
SetWindowTextW
SetWindowTextA
LoadStringA
SetWindowLongA
GetWindowLongA
DialogBoxParamW
DialogBoxParamA
ShowWindow
CharLowerW
CharLowerA
CharUpperW
CharUpperA
IsIconic
DispatchMessageW
GetSystemMenu
CreatePopupMenu
GetDlgItem
ScreenToClient
LoadBitmapA
KillTimer
GetMenuState
SystemParametersInfoA
LoadStringW
SendMessageA
GetMenuItemRect
MsgWaitForMultipleObjectsEx
GetIconInfo

shell32

ShellExecuteW
SHGetFileInfoW

ole32

CoTaskMemFree

advapi32

RegDeleteKeyW
RegEnumValueA
RegEnumValueW
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegOpenKeyA
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW

gdi32

CreateRectRgnIndirect
PatBlt
CreateCompatibleBitmap
RestoreDC
SetBkMode
GetClipBox
SetWindowOrgEx
CreateBitmap
GdiComment
SetBitmapDimensionEx
GetMapMode
RealizePalette
RemoveFontResourceExA
UpdateICMRegKeyA
PolyDraw
SelectClipPath
GdiGetBatchLimit
CreatePatternBrush
WidenPath
DeleteDC
EnumMetaFile

comctl32

ImageList_Destroy
ImageList_Create
ImageList_AddMasked

mpr

WNetOpenEnumA
WNetGetUniversalNameA
WNetGetConnectionA
WNetEnumResourceA
WNetCloseEnum

kernel32

IsDebuggerPresent
HeapReAlloc
UnhandledExceptionFilter
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapCreate
HeapFree
GetCPInfo
GetOEMCP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
GetStringTypeA
CompareStringW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
LoadLibraryA
GetStartupInfoA
WriteProfileStringA
WritePrivateProfileStringA
VirtualAlloc
UnmapViewOfFile
TransactNamedPipe
PostQueuedCompletionStatus
GetStdHandle
GetFileType
LocalAlloc
GetPrivateProfileStringA
DebugActiveProcessStop
LoadLibraryExA
GetFullPathNameA
VirtualProtectEx
RemoveDirectoryW
EnumResourceNamesW
ResetEvent
GetSystemDirectoryW
GetProcessHeap
InitializeCriticalSectionAndSpinCount
TlsSetValue
GlobalMemoryStatusEx
SetEndOfFile
GetWindowsDirectoryW
GetCurrentThread
HeapAlloc
HeapDestroy
OpenSemaphoreW
GetPrivateProfileSectionW
DeviceIoControl
VirtualFree
Sleep
GetModuleFileNameW
VirtualQueryEx
SetEnvironmentVariableW
GetTimeFormatA
GetPrivateProfileStringW
lstrcpynA
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
MultiByteToWideChar
ReadFile
WriteFile
MulDiv
lstrlenA
WideCharToMultiByte
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GlobalFree
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsW
lstrcmpW
lstrcmpiW
lstrcmpA
lstrcpyA
GetVersion
GetVersionExW
lstrcpyW
OpenProcess
GetModuleHandleA
GetProcAddress
lstrcatW
GetTempFileNameW
lstrcmpiA
CreateProcessW
LoadLibraryW
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
lstrcpynW
lstrlenW
CloseHandle
SetErrorMode
GetCommandLineW
GetTempPathW
ExitProcess
CopyFileW
GetCurrentProcess
GetFileSize
CreateFileW
GetTickCount
SetFileAttributesW
CreateDirectoryW
GetLastError
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CompareStringA
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateNamedPipeA
CreateProcessA
DeleteFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FormatMessageA
FreeResource
GetACP
GetCommandLineA
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentVariableA
GetFileAttributesA
GetLocalTime
GetLocaleInfoA
GetLogicalDrives
GetModuleFileNameA
GetOverlappedResult
GetProfileStringA
GetShortPathNameA
GetSystemDefaultLCID
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetUserDefaultLangID
GetVersionExA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
GlobalHandle
GlobalReAlloc
IsBadWritePtr
IsDBCSLeadByte
LoadResource
LocalFileTimeToFileTime
LocalFree
LockResource
MapViewOfFile
MoveFileA
MoveFileExA
OpenMutexA
QueryPerformanceCounter
ReleaseMutex
RemoveDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
SetLastError
SetNamedPipeHandleState
SizeofResource
TerminateProcess
TerminateThread

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

006eafbdc15fd94c42305265034ff34a

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

advapi32

gdi32

comctl32

mpr

kernel32

Sections

.text Size: 125KB - Virtual size: 124KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 15KB - Virtual size: 98KB

.rsrc Size: 88KB - Virtual size: 88KB

.text
Size: 125KB - Virtual size: 124KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 15KB - Virtual size: 98KB

.rsrc
Size: 88KB - Virtual size: 88KB