d578d5def7a367d0b8d2f2ec0f3bb603dfd142cea3563a54530cf87b94d86962

Sharing

Copy URL Twitter E-mail

General

Target

d578d5def7a367d0b8d2f2ec0f3bb603dfd142cea3563a54530cf87b94d86962
Size

288KB
MD5

3a53a936505ad282d6e72b984e31b7bc
SHA1

bf7f3e7e3588f695935af2b796c7b2a8bde19153
SHA256

d578d5def7a367d0b8d2f2ec0f3bb603dfd142cea3563a54530cf87b94d86962
SHA512

45c565759b95c1f8445791d78830a79c5673ba7fbb25822a269f407ec12afe247e056b55e8387c3d749333120d799dc146f660e9d7d2a20ad86a3d7c8ca371e1
SSDEEP

6144:NY/CV+PmoxWbM945LwA43dsZmrqNhFp/OESm:NiXxiLf4dS

Score

N/A

Malware Config

Signatures

Files

d578d5def7a367d0b8d2f2ec0f3bb603dfd142cea3563a54530cf87b94d86962
.exe windows x86

03e8026c290d10190f4c95f9c2818739

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragFinish
SHGetDiskFreeSpaceA
DragQueryPoint
ExtractIconA
SHGetMalloc
SHFree
SHGetDesktopFolder
DuplicateIcon
DragQueryFileA
SHGetFileInfoA

user32

IsCharLowerW
GetDlgItemTextW
IsDialogMessageW
LoadMenuW
DrawStateA
GetMessageW
PeekMessageW
DialogBoxParamA
CharToOemA
LoadCursorA
InsertMenuA
DispatchMessageW
CreateDesktopW
GetPropA

wtsapi32

WTSSetSessionInformationW
WTSVirtualChannelQuery
WTSRegisterSessionNotification
WTSEnumerateProcessesA
WTSEnumerateServersA
WTSLogoffSession
WTSSetUserConfigW
WTSVirtualChannelWrite
WTSVirtualChannelRead
WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSVirtualChannelPurgeInput
WTSQuerySessionInformationA
WTSFreeMemory
WTSWaitSystemEvent
WTSSendMessageA
WTSOpenServerW

kernel32

LoadLibraryW
GetAtomNameA
GetLogicalDriveStringsW
GetEnvironmentVariableA
ReadConsoleA
CreateDirectoryA
GetConsoleTitleW
SleepEx
SetFilePointer
GetModuleHandleA
FormatMessageA
GetProcessId
VirtualProtect
GetNumberFormatW
CreateNamedPipeA
ReadFile
HeapAlloc

qutil

AllocConnections
FreeSoH
FreeConnections
FreeFixupInfo
AllocFixupInfo

cfgmgr32

CMP_Report_LogOn
CM_Add_Empty_Log_Conf

uxtheme

GetThemeRect
CloseThemeData
GetThemeTextExtent
GetThemeColor
GetThemeFilename
GetThemeSysSize
IsThemeActive
DrawThemeEdge
GetThemeBool
GetWindowTheme
GetThemeInt

ctl3d32

Ctl3dUnregister
Ctl3dCtlColor
Ctl3dEnabled
Ctl3dRegister

Sections

.text
Size: 208KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03e8026c290d10190f4c95f9c2818739

Headers

DLL Characteristics

File Characteristics

Imports

shell32

user32

wtsapi32

kernel32

qutil

cfgmgr32

uxtheme

ctl3d32

Sections

.text Size: 208KB - Virtual size: 204KB

.data Size: 48KB - Virtual size: 46KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 208KB - Virtual size: 204KB

.data
Size: 48KB - Virtual size: 46KB

.rsrc
Size: 28KB - Virtual size: 25KB