c908dd221f66a8c711a9621f1c53f091ef1c1bba83acd4c2d6f6a2420b359f34

Sharing

Copy URL

Twitter E-mail

General

Target

c908dd221f66a8c711a9621f1c53f091ef1c1bba83acd4c2d6f6a2420b359f34
Size

55KB
MD5

382faf589a7d7f2cf256883ce9cd6540
SHA1

0b1c72d68d7d79b4228823a141d3b4a64f52d699
SHA256

c908dd221f66a8c711a9621f1c53f091ef1c1bba83acd4c2d6f6a2420b359f34
SHA512

f3db81d436d36e484a532cb750cf68d079a9d9b13a89039029dc408c8c9d5cbb0b0f50f5c15d9232ff1e0d3939db05673ff5b5407679a0b5d4d390cd089124e4
SSDEEP

1536:cknkSfCUtOTgBUtLk10CqvsaxmtMtNHe:cknkSfZWCoC0Cqvf39e

Score

N/A

Malware Config

Signatures

Files

c908dd221f66a8c711a9621f1c53f091ef1c1bba83acd4c2d6f6a2420b359f34
.exe windows x86

52808dc9d3413e8b2b20f741b1c4a829

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
MulDiv
FileTimeToDosDateTime
GetProcAddress
lstrcmpW

imm32

ImmGetHotKey
ImmGetCompositionStringW
ImmGetCompositionFontW
ImmNotifyIME
ImmRequestMessageA
ImmGetCandidateListA
ImmConfigureIMEW
ImmGetIMEFileNameA
ImmConfigureIMEA
ImmGetGuideLineW
ImmDisableIME
ImmGetStatusWindowPos
ImmSetHotKey
ImmDestroySoftKeyboard
ImmGetDescriptionA
ImmShowSoftKeyboard
ImmAssociateContextEx
ImmGetImeMenuItemsA
ImmGetIMEFileNameW
ImmGetRegisterWordStyleA
ImmGetVirtualKey
ImmUnregisterWordA
ImmGetCandidateWindow
ImmGetIMCCSize
ImmGetConversionStatus
ImmSetCompositionFontA
ImmIsUIMessageW
ImmGetCompositionStringA
ImmReleaseContext
ImmLockIMC
ImmLockIMCC
ImmGenerateMessage
ImmEnumRegisterWordW
ImmSetCompositionStringA
ImmGetIMCCLockCount
ImmIsIME
ImmEscapeA
ImmSetCompositionFontW
ImmInstallIMEW
ImmUnlockIMCC
ImmGetOpenStatus

shlwapi

PathIsPrefixA
SHRegWriteUSValueW
StrIsIntlEqualA
StrToIntA
UrlCreateFromPathA
StrSpnA
SHRegQueryInfoUSKeyW
PathIsUNCServerShareW
PathIsRelativeW
StrCSpnA
StrChrA
PathRemoveArgsA
SHRegisterValidateTemplate
SHRegDeleteUSValueW
PathFindSuffixArrayW
PathIsURLW
SHRegSetPathA
StrStrIA
SHRegCreateUSKeyW
UrlIsA
PathMakePrettyA
PathFileExistsW
StrTrimA
StrRStrIA
PathUndecorateA
SHRegGetBoolUSValueW
SHRegSetUSValueW
PathMakeSystemFolderA
SHRegOpenUSKeyA
AssocQueryStringByKeyA
UrlUnescapeW
StrRetToStrA
SHGetInverseCMAP
PathIsRelativeA
SHGetThreadRef
UrlCanonicalizeA
PathSetDlgItemPathW
SHRegDeleteEmptyUSKeyA
StrToIntExW
PathSetDlgItemPathA
PathFindExtensionW
PathIsFileSpecW
UrlUnescapeA
PathGetArgsW
StrDupW
IntlStrEqWorkerW
SHQueryValueExA
PathCommonPrefixW
PathIsLFNFileSpecA

wtsapi32

WTSOpenServerA
WTSVirtualChannelQuery
WTSSendMessageW
WTSVirtualChannelPurgeOutput
WTSQuerySessionInformationW
WTSVirtualChannelClose
WTSDisconnectSession
WTSSendMessageA
WTSFreeMemory
WTSSetUserConfigW
WTSEnumerateSessionsW
WTSTerminateProcess
WTSLogoffSession
WTSSetSessionInformationA
WTSEnumerateProcessesW
WTSEnumerateProcessesA
WTSQueryUserConfigA
WTSWaitSystemEvent

comdlg32

ChooseColorA

user32

ExcludeUpdateRgn
DialogBoxParamW
EnumDisplayDevicesW
SetRectEmpty
EndDialog
IsDialogMessageW
TrackPopupMenu
DdeDisconnect
SetWindowsHookExA
BeginPaint
AnimateWindow
CallWindowProcW
CharLowerBuffA
DdeCreateDataHandle
GetKeyboardState
wvsprintfA
SendNotifyMessageW
SendMessageA
OemKeyScan
IsCharAlphaNumericW
AttachThreadInput
MessageBoxW
IsZoomed
SetMessageQueue

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52808dc9d3413e8b2b20f741b1c4a829

Headers

File Characteristics

Imports

kernel32

imm32

shlwapi

wtsapi32

comdlg32

user32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 11KB - Virtual size: 12KB

.xdata Size: 7KB - Virtual size: 6KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 11KB - Virtual size: 12KB

.xdata
Size: 7KB - Virtual size: 6KB