916eb2026f207fc5530026b3ba789a3edfe7a4fa1a5474a2ceeec205f827f18b

Sharing

Copy URL Twitter E-mail

General

Target

916eb2026f207fc5530026b3ba789a3edfe7a4fa1a5474a2ceeec205f827f18b
Size

284KB
MD5

84196c5935ab32d9726fd604c3dabf17
SHA1

5f35a305a0ae01b2153846548196fa0c23f67ccf
SHA256

916eb2026f207fc5530026b3ba789a3edfe7a4fa1a5474a2ceeec205f827f18b
SHA512

bf7b4dffe6beb6089ca2e33c26662f8e9246a8b5aa855e8e19b800fd5b6df1cb5c97c09d0b935c1bf2a3094635381a09b3aebcc25fd9b4fdd2d66b52dd1acf16
SSDEEP

6144:2/mH+O5H5NjyLRn0grbgIsuXi5txWVsyVzji/:2AxjyLRnLC3tisezji

Score

N/A

Malware Config

Signatures

Files

916eb2026f207fc5530026b3ba789a3edfe7a4fa1a5474a2ceeec205f827f18b
.exe windows x86

b0feec17594bdc4ae37e77829c325c6a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

onex

OneXAddTLV
OneXDeInitialize

wtsapi32

WTSLogoffSession
WTSSetUserConfigW
WTSVirtualChannelQuery
WTSRegisterSessionNotification
WTSVirtualChannelOpen
WTSQueryUserToken
WTSQuerySessionInformationA
WTSEnumerateProcessesA
WTSEnumerateSessionsW
WTSFreeMemory
WTSVirtualChannelRead
WTSSendMessageA

kernel32

VirtualProtect
FormatMessageA
GetConsoleAliasW
GetProcessId
lstrcmpi
GetAtomNameA
GetDriveTypeA
CreateDirectoryA
LoadLibraryW
GetConsoleTitleW
SleepEx
CreateFileW
GetModuleHandleA
GetLogicalDriveStringsW
lstrcpynA

uxtheme

GetThemeRect
OpenThemeData
SetWindowTheme
GetThemeTextExtent
IsThemeActive
GetThemeBool
GetThemeTextMetrics
GetThemeSysSize
GetThemeFilename
GetThemeColor
DrawThemeBackground

shell32

ShellMessageBoxA
DllUnregisterServer
SHFree
ShellAboutA
SHChangeNotify
ExtractIconA
DragFinish
DragQueryPoint
SHGetDataFromIDListA
SHFileOperationA
DragQueryFileA
SHGetMalloc
SHGetDesktopFolder
FindExecutableA

user32

PostMessageW
CreateDesktopW
LoadMenuW
DrawStateA
PeekMessageW
GetPropA
LoadIconA
DialogBoxParamA
IsCharLowerW
GetClassLongA
wsprintfA
LoadCursorA
InsertMenuA
GetMessageW
GetDlgItemTextW
DispatchMessageW
IsDialogMessageW

cfgmgr32

CM_Add_Empty_Log_Conf
CM_Add_IDA

modemui

CountryRunOnce
InvokeControlPanel
drvGetDefaultCommConfigA
drvCommConfigDialogA

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0feec17594bdc4ae37e77829c325c6a

Headers

DLL Characteristics

File Characteristics

Imports

onex

wtsapi32

kernel32

uxtheme

shell32

user32

cfgmgr32

modemui

Sections

.text Size: 204KB - Virtual size: 200KB

.data Size: 48KB - Virtual size: 44KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 204KB - Virtual size: 200KB

.data
Size: 48KB - Virtual size: 44KB

.rsrc
Size: 28KB - Virtual size: 25KB