dfb47ba4dd723241737cb1d0642ec014c62384d6c944f542f16be90dc52df32a

Sharing

Copy URL Twitter E-mail

General

Target

dfb47ba4dd723241737cb1d0642ec014c62384d6c944f542f16be90dc52df32a
Size

55KB
MD5

0e99bfd4c6e250516a8732501a1034a6
SHA1

917e7604af8406c89f4e98b2942465ed329fde43
SHA256

dfb47ba4dd723241737cb1d0642ec014c62384d6c944f542f16be90dc52df32a
SHA512

5c6bc03237e8d02884f82a0c79da2c586c1881cdab62fff9123f3fd2e25ee4984785ca9394c9e069ad1b496787499203aaf75263eb7927d1c95a22acb9ab1fa2
SSDEEP

768:QvWHViNoQWdQBdo+YD35ztGjwCF0C7yr/Ko99rQlt6x/SeG6abLkQH6bdhvttKgy:QvWHVNxd6G1I6ttlBibwM6bnv7Kj

Score

N/A

Malware Config

Signatures

Files

dfb47ba4dd723241737cb1d0642ec014c62384d6c944f542f16be90dc52df32a
.exe windows x86

4a5962f246b886bb597b3c3d6a6b6ba9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
UnmapViewOfFile
GetProcessHeap
GetExpandedNameW
GlobalFlags
GetDefaultCommConfigA
GetSystemTimes
OpenWaitableTimerA
CreateJobObjectW
LZInit
GetConsoleProcessList
GetCPInfoExW
TermsrvAppInstallMode
SetTermsrvAppInstallMode
InterlockedDecrement
GetNumberFormatW
CmdBatNotification
GetWindowsDirectoryA
ReplaceFileW
GlobalCompact
GetTempPathA
VirtualAlloc
ReplaceFileA
SetLocalPrimaryComputerNameA
EnumSystemCodePagesA
DeleteVolumeMountPointW
EnumerateLocalComputerNamesW
QueueUserWorkItem
GetNumaNodeProcessorMask
GetCommProperties
VirtualProtect
VirtualProtectEx
InitializeCriticalSectionAndSpinCount
GetVolumeInformationW
GetTempFileNameA
DelayLoadFailureHook
GetSystemDEPPolicy
GlobalUnWire
MoveFileW
GetLocaleInfoA
VDMConsoleOperation
GetLongPathNameW
AddLocalAlternateComputerNameW
IsProcessInJob
CreateDirectoryExW
GetPrivateProfileStructA
GetConsoleKeyboardLayoutNameA
SetThreadPriorityBoost
FatalAppExitA
SetProcessDEPPolicy
FindFirstVolumeMountPointA
WriteFileGather
OpenJobObjectA
FindFirstVolumeMountPointW
CreateFileW
BuildCommDCBAndTimeoutsW
EnumTimeFormatsA
VerifyConsoleIoHandle
ReadConsoleOutputA
UnhandledExceptionFilter
ExitProcess
GetConsoleCommandHistoryLengthA
SetConsoleLocalEUDC
PurgeComm
IsDBCSLeadByte
GlobalWire
GetCurrentDirectoryW
GlobalMemoryStatus
BackupWrite
GetOverlappedResult
lstrlen
WaitForSingleObject
SetTimeZoneInformation
GlobalFindAtomA
GetSystemDefaultUILanguage
ShowConsoleCursor
HeapWalk
LocalReAlloc
CreateDirectoryExA
SetHandleContext
PeekConsoleInputW
GetTickCount
GetModuleFileNameA
DeleteTimerQueueTimer
WritePrivateProfileStructW
DebugActiveProcessStop
ReadConsoleInputW
lstrcmpiA
SetCommConfig
QueryDosDeviceA
GetNumberOfConsoleFonts
GlobalUnlock
CheckNameLegalDOS8Dot3W
VirtualFree
_lcreat
GetCurrentConsoleFont
LocalCompact
DeleteFileA
GetThreadPriority
Thread32Next
GlobalMemoryStatusEx
GetCommandLineA
GetConsoleCP
FileTimeToSystemTime

user32

SetCapture
IsWindowInDestroy
CreatePopupMenu
SetWindowWord
InvertRect
SendNotifyMessageW
GetClassWord
LoadBitmapA
CtxInitUser32
ExitWindowsEx
PostMessageW
GetMenuItemRect
CopyIcon
InsertMenuA
OpenWindowStationW
OpenWindowStationA
LoadImageW
GetWindowRgn
DdeUninitialize

gdi32

EngCreateDeviceBitmap
EngFindResource
IsValidEnhMetaRecord
GetTextCharacterExtra
DdEntry4
GetTextExtentExPointWPri

imm32

ImmGetGuideLineA
ImmGetCandidateListA
ImmIMPSetIMEW
ImmSetCompositionStringA
CtfImmSetAppCompatFlags
CtfImmDispatchDefImeMessage
ImmRegisterWordA
ImmInstallIMEW
ImmLockClientImc
ImmInstallIMEA
ImmDestroySoftKeyboard
ImmGetProperty
ImmPutImeMenuItemsIntoMappedFile
ImmGetDescriptionA

shlwapi

StrSpnW
AssocGetPerceivedType
SHRegSetPathA
StrCatBuffA
SHCreateThreadRef
PathGetDriveNumberA
AssocQueryKeyA
PathCanonicalizeW
PathFindExtensionW
AssocQueryStringByKeyW
PathCommonPrefixW
SHQueryValueExW
PathGetArgsA
PathRemoveBlanksW
PathParseIconLocationA
SHRegGetPathW

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a5962f246b886bb597b3c3d6a6b6ba9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

imm32

shlwapi

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 25KB - Virtual size: 25KB