0ee799e454bd2da1019605bdf69b1324f3e17d955bcc863ea60c9da43a633c1c

General

Target

0ee799e454bd2da1019605bdf69b1324f3e17d955bcc863ea60c9da43a633c1c
Size

56KB
MD5

839478c441661bc16f2242e122fb56a0
SHA1

7dc737afc1e2eb256ee4a9efd67665ceca88c03b
SHA256

0ee799e454bd2da1019605bdf69b1324f3e17d955bcc863ea60c9da43a633c1c
SHA512

7b4bccb9dd45c00d56879c5e9aaff162739bf1bea4dea1d43702612f5358a598d422fae0acd26b17ed24a5656c67f9217f81412bd6574f90f6e0d2d76ec185c4
SSDEEP

768:oPA0thit6Wj7iiBFIEQ4KAn4e2R4PfyYVijBQLsRl/A3O4h1/0b6L:AAJFjvWz4KM4eY89oX4IS

Score

N/A

Malware Config

Signatures

Files

0ee799e454bd2da1019605bdf69b1324f3e17d955bcc863ea60c9da43a633c1c
.exe windows x86

b66ffd61906a8786aa35bdc6038e2ddf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UpdateResourceA
GetTimeFormatA
GetConsoleTitleA
GetProcAddress
GetAtomNameA
GetStringTypeA
GetProcessTimes
GetComputerNameA
DeviceIoControl
GetCurrentProcess
LoadLibraryA
SetFilePointer
WaitForSingleObject
GetPrivateProfileIntA
lstrcmpiA
QueryDosDeviceA
GetShortPathNameA
GetProcessHeap
GetConsoleAliasW
GetCurrentDirectoryA
GetFullPathNameA
SetEnvironmentVariableW

user32

GetPropA
wsprintfA
LoadCursorA
SetCursorPos
PeekMessageA
LoadImageA
DispatchMessageA
IsCharLowerW
GetWindowLongA
DrawIcon
CreateWindowExA
IsDialogMessageA

modemui

drvCommConfigDialogA
CountryRunOnce
InvokeControlPanel
drvGetDefaultCommConfigA
drvSetDefaultCommConfigA

rsaenh

CPGenKey
CPDeriveKey
CPCreateHash

wtsapi32

WTSQueryUserToken
WTSLogoffSession
WTSVirtualChannelPurgeInput
WTSVirtualChannelQuery
WTSUnRegisterSessionNotification
WTSSetUserConfigW
WTSSetSessionInformationA
WTSVirtualChannelClose
WTSOpenServerW
WTSVirtualChannelWrite

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b66ffd61906a8786aa35bdc6038e2ddf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

modemui

rsaenh

wtsapi32

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 45KB - Virtual size: 44KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 45KB - Virtual size: 44KB