d69f10d12c5558e52a28ca9fabbbc71c38cc3aee710e4d210b60c00604a06d42

Sharing

Copy URL

Twitter E-mail

General

Target

d69f10d12c5558e52a28ca9fabbbc71c38cc3aee710e4d210b60c00604a06d42
Size

399KB
MD5

c78eb291e0e3ed4000fa1f3dff91a04c
SHA1

bcebf7185749271d6a1235793cb8497c40264f5d
SHA256

d69f10d12c5558e52a28ca9fabbbc71c38cc3aee710e4d210b60c00604a06d42
SHA512

e457f4d2d6de0b8833a513d47b2d8001d166f6a9e1ed53b2c30a475d1630efac63cb40ddc729b18845b31e93630384834906d0321fd1680b6c240d8b76bb89c5
SSDEEP

12288:FQxPqEXpeEZtkp/MTvtPY5MtnuvWTCOuPPRCRpq:UPP8Ev6+uvWTCFPpCRpq

Score

N/A

Malware Config

Signatures

Files

d69f10d12c5558e52a28ca9fabbbc71c38cc3aee710e4d210b60c00604a06d42
.exe windows x86

0b47a71cc858a47278cd171c97039b2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
LCMapStringW
LCMapStringA
MultiByteToWideChar
UnhandledExceptionFilter
FreeEnvironmentStringsA
TlsAlloc
GetCurrentThreadId
IsBadWritePtr
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
SetFilePointer
GetCPInfo
TerminateProcess
VirtualAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
LoadLibraryA
SetStdHandle
FlushFileBuffers
ReadFile
LocalFree
LocalAlloc
LoadLibraryW
GetVersion
GetCommandLineW
GetComputerNameW
ExitProcess
GetModuleHandleW
GetProcAddress
SetComputerNameW
CreateDirectoryW
lstrcpyW
SetLastError
lstrlenW
GetCurrentProcess
CloseHandle
GetLastError
FormatMessageW
ExpandEnvironmentStringsW
GetFileAttributesW
Sleep
GetLogicalDrives
GetVolumeInformationW
GetDriveTypeW
FindFirstFileW
FindNextFileW
FindClose
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
HeapCreate
HeapFree
HeapAlloc
ResumeThread
CreateThread
TlsSetValue
ExitThread
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
RtlUnwind
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapDestroy

user32

ShowWindow
InflateRect
DialogBoxIndirectParamW
GetNextDlgGroupItem
DefWindowProcW
SetWindowTextW
CreateWindowExW
SendMessageW
MapWindowPoints
CreateDialogParamW
SetWindowPos
IsWindowEnabled
GetNextDlgTabItem
LoadIconW
RegisterClassExW
GetWindowLongW
SetWindowLongW
GetMessageW
wsprintfW
DispatchMessageW
IsDialogMessageW
PostQuitMessage
TranslateMessage
EnableWindow
GetDlgItemTextW
IsDlgButtonChecked
SetFocus
CheckDlgButton
DialogBoxParamW
EndDialog
GetParent
GetWindowRect
MoveWindow
GetDlgItem
LoadCursorW
GetSysColorBrush
GetSysColor
ChildWindowFromPoint
InvalidateRect
SetCursor
MessageBoxW
PostMessageW
SetDlgItemTextW

gdi32

SetMapMode
StartDocW
StartPage
EndPage
EndDoc
GetStockObject
GetObjectW
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject
GetDeviceCaps

comdlg32

PrintDlgW

advapi32

RegOpenKeyW
RegConnectRegistryW
RegFlushKey
RegSaveKeyW
RegReplaceKeyW
FreeSid
GetLengthSid
AllocateAndInitializeSid
IsValidSid
GetSidIdentifierAuthority
InitiateSystemShutdownW
LookupPrivilegeValueW
OpenProcessToken
AdjustTokenPrivileges
GetSidSubAuthorityCount
GetSidSubAuthority
RegQueryValueW
RegCreateKeyW
RegEnumValueW
RegSetValueExW
RegDeleteKeyW
RegQueryValueExW
RegLoadKeyW
RegUnLoadKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetKeySecurity
RegCloseKey
RegGetKeySecurity
GetNamedSecurityInfoW
InitializeSecurityDescriptor
GetSecurityDescriptorControl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetAclInformation
GetAce
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
GetSecurityDescriptorOwner
SetFileSecurityW
GetSecurityDescriptorGroup

shell32

CommandLineToArgvW
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uu5s
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0_s0
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.8__09
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.65__s
Size: 512B - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0kk5s
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.llv1
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.775s
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.785s
Size: 512B - Virtual size: 230B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

._05s
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85js0
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85j00
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85sj1
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kajq
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kjoq
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kjj0q
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.n_m
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o__p
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o__p0
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o__p1
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o__p2
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iaoq
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iaoq1
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b47a71cc858a47278cd171c97039b2b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 568B

.uu5s Size: 512B - Virtual size: 224B

.0_s0 Size: 512B - Virtual size: 212B

.8__09 Size: 512B - Virtual size: 200B

.65__s Size: 512B - Virtual size: 198B

.0kk5s Size: 512B - Virtual size: 162B

.llv1 Size: 355KB - Virtual size: 355KB

.775s Size: 512B - Virtual size: 236B

.785s Size: 512B - Virtual size: 230B

._05s Size: 512B - Virtual size: 236B

.85js0 Size: 512B - Virtual size: 232B

.85j00 Size: 512B - Virtual size: 242B

.85sj1 Size: 512B - Virtual size: 234B

.kajq Size: 512B - Virtual size: 224B

.kjoq Size: 512B - Virtual size: 224B

.kjj0q Size: 512B - Virtual size: 224B

.n_m Size: 512B - Virtual size: 224B

.o__p Size: 512B - Virtual size: 214B

.o__p0 Size: 512B - Virtual size: 214B

.o__p1 Size: 512B - Virtual size: 226B

.o__p2 Size: 512B - Virtual size: 226B

.iaoq Size: 512B - Virtual size: 96B

.iaoq1 Size: 512B - Virtual size: 164B

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 308B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 568B

.uu5s
Size: 512B - Virtual size: 224B

.0_s0
Size: 512B - Virtual size: 212B

.8__09
Size: 512B - Virtual size: 200B

.65__s
Size: 512B - Virtual size: 198B

.0kk5s
Size: 512B - Virtual size: 162B

.llv1
Size: 355KB - Virtual size: 355KB

.775s
Size: 512B - Virtual size: 236B

.785s
Size: 512B - Virtual size: 230B

._05s
Size: 512B - Virtual size: 236B

.85js0
Size: 512B - Virtual size: 232B

.85j00
Size: 512B - Virtual size: 242B

.85sj1
Size: 512B - Virtual size: 234B

.kajq
Size: 512B - Virtual size: 224B

.kjoq
Size: 512B - Virtual size: 224B

.kjj0q
Size: 512B - Virtual size: 224B

.n_m
Size: 512B - Virtual size: 224B

.o__p
Size: 512B - Virtual size: 214B

.o__p0
Size: 512B - Virtual size: 214B

.o__p1
Size: 512B - Virtual size: 226B

.o__p2
Size: 512B - Virtual size: 226B

.iaoq
Size: 512B - Virtual size: 96B

.iaoq1
Size: 512B - Virtual size: 164B

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 308B