ac4ad7a991ae08846b3ff6494a38bb0666570e17fe3d4a12b789fce8b16555d8

Sharing

Copy URL Twitter E-mail

General

Target

ac4ad7a991ae08846b3ff6494a38bb0666570e17fe3d4a12b789fce8b16555d8
Size

454KB
MD5

5963b9757764b72f0a320c047a923ec8
SHA1

805001414247452c743355e5afa2dfe4823b288f
SHA256

ac4ad7a991ae08846b3ff6494a38bb0666570e17fe3d4a12b789fce8b16555d8
SHA512

612de66190aed366286542ff141e8f979f639c7ecee78514f289a6962fc8bd3e1f722b686ef0097ec1c0e90f7c72b292c2131136aadfa866c8064302f03fc094
SSDEEP

12288:53QHn7ELrAfD+mKI8N1yXci7z1nnSiRDSsBg/W:53W4WD+mKEBBROs+/

Score

N/A

Malware Config

Signatures

Files

ac4ad7a991ae08846b3ff6494a38bb0666570e17fe3d4a12b789fce8b16555d8
.exe windows x86

335862be38e1dd215200616b8035c4e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Draw
ImageList_GetIconSize
CreateToolbarEx
CreatePropertySheetPageW
InitCommonControlsEx
ImageList_Destroy
PropertySheetW

mswsock

GetAcceptExSockaddrs
AcceptEx

comdlg32

PrintDlgA
GetOpenFileNameA

msvcrt

_ultoa
bsearch
_initterm
_itow
_adjust_fdiv
_wcsicmp
free
strncmp
isxdigit
wcscpy
_wcsnicmp
isdigit
qsort
strncpy
wcscmp
_ltoa
wcscat
isupper
_onexit
__dllonexit
memmove
_except_handler3
_snwprintf
sprintf
wcschr

iphlpapi

NotifyRouteChange
GetAdaptersAddresses
GetAdaptersInfo
NotifyAddrChange

kernel32

UnhandledExceptionFilter
GetProcessHeap
GetCurrentProcess
SetEvent
ExitProcess
lstrcmpiW
InterlockedDecrement
FindResourceW
GlobalAlloc
FlushFileBuffers
HeapCreate
FindNextFileW
GetStringTypeExW
GlobalGetAtomNameW
GetShortPathNameW
DeleteCriticalSection
SuspendThread
GetPrivateProfileIntW
IsDebuggerPresent
TerminateProcess
HeapAlloc
CompareStringA
InterlockedIncrement
GlobalUnlock
GetLocaleInfoW
SetFileAttributesW
SystemTimeToFileTime
CloseHandle
LoadLibraryA
MoveFileW
ExitThread
TlsSetValue
GetVersionExA
LoadResource
GetSystemInfo
GetVersionExW
lstrcmpA
GetFileAttributesW
CreateFileW
GetDriveTypeW
CreateProcessW
SetFileTime
SetLastError
SetThreadPriority
GetThreadLocale
GetEnvironmentStrings
GetFullPathNameW
TlsFree
LCMapStringW
GetCurrentThreadId
GlobalReAlloc
lstrlenW
GetACP
FileTimeToLocalFileTime
GetFileSize
LocalReAlloc
FormatMessageW
GlobalFindAtomW
SetCurrentDirectoryA
GetPrivateProfileStringW
SetHandleCount
GlobalLock
GetUserDefaultLCID
GetFileAttributesA
SetEndOfFile
FreeEnvironmentStringsW
WritePrivateProfileStringW
VirtualAlloc
GetAtomNameW
lstrcmpW
GlobalFlags
TlsGetValue
GetStdHandle
GetVersion
Sleep
FreeResource
InitializeCriticalSection
GetOEMCP
CreateEventW
HeapFree
TlsAlloc
GetVolumeInformationW
FileTimeToSystemTime
HeapReAlloc
IsValidCodePage
WaitForSingleObject
HeapDestroy
ReadFile
LocalAlloc
WriteFile
GetModuleFileNameW
GetCurrentThread
LeaveCriticalSection
SetUnhandledExceptionFilter
GlobalAddAtomW
FindClose
FatalAppExitA
EnterCriticalSection
GetCommandLineA
LocalFileTimeToFileTime
FreeEnvironmentStringsA
ResetEvent
ResumeThread
GetCurrentProcessId
SizeofResource
InterlockedExchange
LockResource
GetCPInfo
ConvertDefaultLocale
DuplicateHandle
MulDiv
UnlockFile
GetCurrentDirectoryA
VirtualFree
GetStartupInfoW
GetEnvironmentStringsW
GetModuleHandleA
CompareStringW
GetCommandLineW
SetFilePointer
LockFile
GetFileTime
SetErrorMode
FindFirstFileW
RaiseException
GlobalHandle
CreateThread
RtlUnwind
WideCharToMultiByte
GlobalSize
GlobalDeleteAtom
EnumResourceLanguagesW
CopyFileW
LCMapStringA
lstrcpyA
GlobalFree
lstrlenA
HeapSize
DeleteFileW
GetLastError

crypt32

CertOpenStore
CryptUnprotectData
CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore

Sections

.data
Size: 30KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

335862be38e1dd215200616b8035c4e6

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

mswsock

comdlg32

msvcrt

iphlpapi

kernel32

crypt32

Sections

.data Size: 30KB - Virtual size: 1.8MB

.rdata Size: 240KB - Virtual size: 240KB

.rsrc Size: 55KB - Virtual size: 55KB

.text Size: 127KB - Virtual size: 126KB

.data
Size: 30KB - Virtual size: 1.8MB

.rdata
Size: 240KB - Virtual size: 240KB

.rsrc
Size: 55KB - Virtual size: 55KB

.text
Size: 127KB - Virtual size: 126KB