10add7f878afbe5a0aef48d60e1a4566c606a7f4f2d3b9862d8e1127b043f234

General

Target

10add7f878afbe5a0aef48d60e1a4566c606a7f4f2d3b9862d8e1127b043f234
Size

289KB
MD5

5c0bfe8f962dc8fb6c9ab621a41b47ea
SHA1

cfbc6b8dc3a7b4bfec22f74ec997a63418304bff
SHA256

10add7f878afbe5a0aef48d60e1a4566c606a7f4f2d3b9862d8e1127b043f234
SHA512

67fa07bb15f57670fadbddfda55cada09848d44407dc6ed612c58e0931d3afeb386a98605a01d8dd9012e155e5354e859176ceea5b89e2d68d3e22c37c6e7ba2
SSDEEP

6144:ik7rCx+RAtGGxMaNeoBkZ5i59yGdKO3ztu2Iik9HWB:ie4KabQ5i3yGMOjxUHWB

Score

N/A

Malware Config

Signatures

Files

10add7f878afbe5a0aef48d60e1a4566c606a7f4f2d3b9862d8e1127b043f234
.exe windows x86

6c01956d2aeefa83da38bb8af3f810b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetForegroundWindow
ChildWindowFromPointEx
SetParent
MoveWindow
FindWindowExA
SetDlgItemInt
IsIconic
GetSysColor
EnumWindows
AdjustWindowRect
GetTopWindow
SetWindowPos
CreateWindowExA
GetDesktopWindow

advapi32

RegLoadKeyA
RegOverridePredefKey
RegCreateKeyExA
OpenEventLogW
RegQueryMultipleValuesA
RegReplaceKeyA
RegCloseKey
RegConnectRegistryA
ReadEventLogA
RegEnumKeyA
RegSaveKeyA
BackupEventLogA
RegisterEventSourceW
GetOldestEventLogRecord
GetTokenInformation

kernel32

GetStartupInfoA
WaitForMultipleObjects
GetModuleHandleA
GetProcAddress
LoadLibraryW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentVariableA
VirtualAllocEx
SleepEx
VirtualProtect
GetDateFormatA
IsValidCodePage
VirtualLock
GlobalHandle
IsBadWritePtr
LCMapStringA
GetStringTypeW

aclui

ord2
ord1

setupapi

SetupCopyErrorW
SetupDiChangeState
SetupGetLineCountA
SetupSetDirectoryIdA
SetupDiAskForOEMDisk
SetupDiInstallClassA
SetupLogErrorA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_exit
_XcptFilter

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dfhx
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6c01956d2aeefa83da38bb8af3f810b2

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

kernel32

aclui

setupapi

msvcrt

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 267KB - Virtual size: 280KB

.dfhx Size: 5KB - Virtual size: 4KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 267KB - Virtual size: 280KB

.dfhx
Size: 5KB - Virtual size: 4KB