2555d3012e7504ae4f8c3f37c6a5a932981a49bf65f2d9340227a4f43c9b85ac

Sharing

Copy URL Twitter E-mail

General

Target

2555d3012e7504ae4f8c3f37c6a5a932981a49bf65f2d9340227a4f43c9b85ac
Size

284KB
MD5

2d64571589355883de81e58c5305fd3a
SHA1

887c264cca6bcb1574dc930cfc046d7bf51198fc
SHA256

2555d3012e7504ae4f8c3f37c6a5a932981a49bf65f2d9340227a4f43c9b85ac
SHA512

73704046dce98116fb0672994722ff6acc303efc21cc19e2a64d1093998809945ac9255188652e196179441b2c77792ce71b48e90c73fcd5c535f0e05ad37a75
SSDEEP

3072:BbCrkWcG3Qlc6Vq0sNMrocYJ1lRZHaVsqXEYaX9WkKVIOJNbEfu9+2VV:QcGs3Vq0AMkR1lH9qXEPAkKVIWYfu02

Score

N/A

Malware Config

Signatures

Files

2555d3012e7504ae4f8c3f37c6a5a932981a49bf65f2d9340227a4f43c9b85ac
.exe windows x86

97d4ce52e8ef9ddf9a2e45c97b538cdd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

uxtheme

GetThemeTextExtent
GetThemeBool
DrawThemeBackground
GetThemeColor
OpenThemeData
GetWindowTheme
SetWindowTheme
GetThemeInt
CloseThemeData
GetThemeTextMetrics
DrawThemeEdge
GetThemeSysSize
GetThemeFilename
GetThemeRect

onex

OneXDeInitialize
OneXAddTLV
OneXCopyAuthParams
OneXFreeMemory

cfgmgr32

CM_Add_Range
CM_Add_IDA
CM_Add_Empty_Log_Conf
CMP_Init_Detection

user32

IsDialogMessageW
CreateDesktopW
LoadMenuW
LoadIconA
DispatchMessageW
GetClassLongA
DrawStateA
InsertMenuA
DialogBoxParamA
LoadCursorA
wsprintfA

kernel32

GetGeoInfoW
lstrcmpi
SetEnvironmentVariableW
GetConsoleTitleW
GetModuleHandleA
GetCommandLineA
UpdateResourceW
VirtualProtect
HeapSize
SleepEx
GetAtomNameA
LoadLibraryW
HeapAlloc
GetPrivateProfileIntA
CreateNamedPipeA
SetFilePointer
GetDateFormatW

wtsapi32

WTSVirtualChannelPurgeInput
WTSQueryUserToken
WTSVirtualChannelClose
WTSOpenServerW
WTSVirtualChannelQuery
WTSEnumerateProcessesA
WTSFreeMemory
WTSSetSessionInformationW
WTSWaitSystemEvent
WTSVirtualChannelOpen
WTSUnRegisterSessionNotification
WTSEnumerateServersA
WTSVirtualChannelWrite
WTSQuerySessionInformationA
WTSSendMessageA
WTSEnumerateSessionsW

ctl3d32

Ctl3dUnregister
Ctl3dGetVer

modemui

drvSetDefaultCommConfigA
drvGetDefaultCommConfigA

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97d4ce52e8ef9ddf9a2e45c97b538cdd

Headers

DLL Characteristics

File Characteristics

Imports

uxtheme

onex

cfgmgr32

user32

kernel32

wtsapi32

ctl3d32

modemui

Sections

.text Size: 204KB - Virtual size: 200KB

.data Size: 48KB - Virtual size: 44KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 204KB - Virtual size: 200KB

.data
Size: 48KB - Virtual size: 44KB

.rsrc
Size: 28KB - Virtual size: 25KB