3eb449b14f3921fcb0601453b7a8f22a825918ce95c65bc0e5f8a8aa2662dac0

Sharing

Copy URL Twitter E-mail

General

Target

3eb449b14f3921fcb0601453b7a8f22a825918ce95c65bc0e5f8a8aa2662dac0
Size

232KB
MD5

92af2af736de6fcd28f4a20137c69a38
SHA1

902ce6ccbfb8f0f954f87bd026c2b0d1f87f3cc8
SHA256

3eb449b14f3921fcb0601453b7a8f22a825918ce95c65bc0e5f8a8aa2662dac0
SHA512

b2389f31c54765cb3a4696dc393eb26cbab3cb11066d2248312bdf271a233f938c58e6cc4382e775a530b9ef3f2c641369ed9db2155a04a441d20d0861bbca85
SSDEEP

3072:2DHe2l222sVN7/qb5jQX6eR4CLRSTtyk0Q3K6ED8eclWtHnsySTKkjDrfLt4KfI:+plhN2a6eR9LRSTtRa6ECWxnsik3eKw

Score

N/A

Malware Config

Signatures

Files

3eb449b14f3921fcb0601453b7a8f22a825918ce95c65bc0e5f8a8aa2662dac0
.exe windows x86

7024d0f71bd13d69572d50ba116eaaf4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dhcpcsvc

DhcpFreeMem
McastApiCleanup

shell32

SHGetMalloc
SHGetFileInfoA
SHGetDesktopFolder
DuplicateIcon
StrChrA
FindExecutableA
ShellAboutA
DragQueryFileA
SHGetDataFromIDListA
ExtractIconA
SHChangeNotify

rsaenh

CPDecrypt
CPCreateHash
CPDeriveKey
CPGenKey

uxtheme

GetThemeTextMetrics
GetWindowTheme
GetThemeColor
GetThemeFilename
DrawThemeEdge
OpenThemeData
GetThemeInt
IsThemeActive
GetThemeTextExtent
GetThemeBool
GetThemeSysSize
CloseThemeData
SetWindowTheme
GetThemeRect

user32

FlashWindow
DrawStateA
GetPropW
GetDlgItemTextW
IsZoomed
LoadIconA
InsertMenuA
PeekMessageW
GetClassLongA
PostMessageW
DispatchMessageW
LoadBitmapA
LoadMenuW
LoadCursorA
ShowWindow
DialogBoxParamA

kernel32

lstrcpynA
SetFilePointer
GetCurrentDirectoryA
GetAtomNameA
GetModuleHandleA
VirtualProtect
Sleep
LoadLibraryW
GetProcessId
GetDriveTypeA
SetEnvironmentVariableW
HeapSize
CreateNamedPipeA
GetCurrentProcess
GetLogicalDriveStringsW

msimg32

vSetDdrawflag
TransparentBlt
DllInitialize
GradientFill

wtsapi32

WTSVirtualChannelClose
WTSSetSessionInformationW
WTSEnumerateProcessesA
WTSVirtualChannelPurgeInput
WTSVirtualChannelOpen
WTSEnumerateServersA
WTSSetUserConfigW
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSVirtualChannelQuery
WTSLogoffSession
WTSRegisterSessionNotification

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7024d0f71bd13d69572d50ba116eaaf4

Headers

DLL Characteristics

File Characteristics

Imports

dhcpcsvc

shell32

rsaenh

uxtheme

user32

kernel32

msimg32

wtsapi32

Sections

.text Size: 28KB - Virtual size: 24KB

.data Size: 24KB - Virtual size: 22KB

.rsrc Size: 176KB - Virtual size: 173KB

.text
Size: 28KB - Virtual size: 24KB

.data
Size: 24KB - Virtual size: 22KB

.rsrc
Size: 176KB - Virtual size: 173KB