c7251a258a83b89fa74445ff1039856689e542b2e01276b4f0e5eaecff4cf8b2

Sharing

Copy URL Twitter E-mail

General

Target

c7251a258a83b89fa74445ff1039856689e542b2e01276b4f0e5eaecff4cf8b2
Size

277KB
MD5

8402598dde2dd31e0e5fddea28ed2530
SHA1

931eb90ad330b228dad01ed6440e49c2056e55f2
SHA256

c7251a258a83b89fa74445ff1039856689e542b2e01276b4f0e5eaecff4cf8b2
SHA512

4b2d87c819ea7613a1b0f2bad3ca2d2f477558d4f7c984aeb42fc97073e299a79d87f20961cfa3dce5e954e24946adb7f27ec42efa029cdb4269461112829fcf
SSDEEP

6144:gCOMG4c0B0LskRG7nraNFFDYmHonMkH2Lk5U1BX2b6PZFhXhG0zPh:rs4cPsCGuDYmonBH2L9X2bGZPhrh

Score

N/A

Malware Config

Signatures

Files

c7251a258a83b89fa74445ff1039856689e542b2e01276b4f0e5eaecff4cf8b2
.exe windows x86

2015ccea70554293b2f5f795a5fb50dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW
ShellExecuteW

rpcrt4

CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_AddRef
NdrDllRegisterProxy
NdrOleAllocate
CStdStubBuffer_Disconnect
NdrDllGetClassObject
CStdStubBuffer_CountRefs
NdrCStdStubBuffer_Release
NdrDllUnregisterProxy
CStdStubBuffer_Invoke
NdrDllCanUnloadNow
NdrOleFree
CStdStubBuffer_QueryInterface
CStdStubBuffer_DebugServerQueryInterface

user32

DestroyWindow
MapWindowPoints
SendMessageW
ShowWindow
GetWindow
SetDlgItemTextW
GetSystemMetrics
DrawTextW
GetWindowLongW
CopyRect
LoadStringW
CharNextW
GetClientRect
GetDlgItem
GetWindowRect
SetWindowTextW
GetParent
SendDlgItemMessageW
LoadImageW
SystemParametersInfoW
CreateDialogParamW
SetWindowPos
EndDialog
EnableWindow
MessageBoxW
SetFocus
DialogBoxParamW
GetDlgItemTextW
SetWindowLongW
GetDialogBaseUnits

kernel32

InterlockedIncrement
MultiByteToWideChar
SizeofResource
lstrcpynW
lstrcatW
GetCurrentProcess
HeapDestroy
lstrcmpiW
GetProcAddress
VirtualFree
lstrcpyW
lstrlenA
GetModuleFileNameW
LoadLibraryA
LoadLibraryExW
HeapAlloc
SetLastError
GetCurrentProcessId
GetSystemTimeAsFileTime
FormatMessageW
GetProcessHeap
QueryPerformanceCounter
EnterCriticalSection
FlushInstructionCache
lstrlenW
LocalFree
GetEnvironmentStringsA
OutputDebugStringA
SetUnhandledExceptionFilter
RemoveDirectoryA
HeapFree
GetUserDefaultLCID
FreeLibrary
GetLastError
GetSystemInfo
GetTickCount
InterlockedDecrement
FindResourceW
DeleteCriticalSection
LoadResource
LeaveCriticalSection

advapi32

RegCloseKey
GetTraceEnableFlags
GetTraceLoggerHandle
RegQueryValueExW
RegCreateKeyExW
TraceMessage
UnregisterTraceGuids
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegisterTraceGuidsW
GetTraceEnableLevel
RegDeleteKeyW
RegSetValueExW

msvcrt

?terminate@@YAXXZ
_except_handler3
__CxxFrameHandler
wcsncpy
malloc
??1type_info@@UAE@XZ
??3@YAXPAX@Z
wcscmp
free
_adjust_fdiv
realloc
??2@YAPAXI@Z
wcscat
wcslen
swprintf
_initterm

untfs

Extend
Chkdsk
ChkdskEx
Recover
Format
FormatEx

Sections

text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2015ccea70554293b2f5f795a5fb50dd

Headers

DLL Characteristics

File Characteristics

Imports

shell32

rpcrt4

user32

kernel32

advapi32

msvcrt

untfs

Sections

text Size: 110KB - Virtual size: 109KB

.rdata Size: 164KB - Virtual size: 163KB

.rsrc Size: 1024B - Virtual size: 918B

text
Size: 110KB - Virtual size: 109KB

.rdata
Size: 164KB - Virtual size: 163KB

.rsrc
Size: 1024B - Virtual size: 918B