953b8f7c908d28805c8b86783b15635413c9f7bfdc3881cf444c71f0e18ff499

Sharing

Copy URL Twitter E-mail

General

Target

953b8f7c908d28805c8b86783b15635413c9f7bfdc3881cf444c71f0e18ff499
Size

203KB
MD5

34657cef3cafb26d240110cf20495400
SHA1

2655e7f5fe4ec3a621a1de17fcef7c4330892f63
SHA256

953b8f7c908d28805c8b86783b15635413c9f7bfdc3881cf444c71f0e18ff499
SHA512

bc1c66f61a3a7e62c806d01b7667cfbd5b64e9d0cab68b4107c44823c4377faa4dce541f39a02f375c2f84262990aba735a1abef0d1fc5944c7af24ef651d36a
SSDEEP

3072:v05rVMXQv4ar3sCLHxmZeX+kl6mml/f/K7ZCiEmZyGd1+a:vURvB3si4UnMmml/3KUiEmZym

Score

N/A

Malware Config

Signatures

Files

953b8f7c908d28805c8b86783b15635413c9f7bfdc3881cf444c71f0e18ff499
.exe windows x86

d76a5dde23ed604e80c8985677fb6986

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowLongW
ShowWindow
TranslateMessage
PeekMessageW
GetDC
ClientToScreen
EnableWindow
LoadStringW
CheckDlgButton
DestroyWindow
GetClientRect
DefWindowProcW
GetDlgItemInt
InvalidateRect
GetDlgItem
SetDlgItemInt
LoadCursorW
IsRectEmpty
GetAsyncKeyState
CheckRadioButton
SetCursor
ReleaseDC
SendMessageW
IsWindow
CreateDialogParamW
GetWindowRect
SetDlgItemTextW
GetDesktopWindow
DispatchMessageW
MoveWindow
SetWindowLongW
IsWindowVisible

kernel32

GetProcAddress
SetUnhandledExceptionFilter
lstrcpyA
GlobalUnlock
GetProfileIntA
GetSystemTimeAsFileTime
GetDiskFreeSpaceW
lstrcmpW
GetFileSize
LeaveCriticalSection
IsBadReadPtr
QueryPerformanceCounter
GlobalMemoryStatus
GetFileAttributesW
DeleteFileW
GlobalFree
GetProcessHeap
FreeLibrary
ResetEvent
MulDiv
GetTickCount
WideCharToMultiByte
GetModuleFileNameA
WaitForMultipleObjects
lstrlenA
InterlockedExchange
GetFullPathNameW
HeapFree
lstrlenW
IsBadCodePtr
GetTimeZoneInformation
GetEnvironmentStringsA
SetThreadPriority
GlobalLock
IsBadWritePtr
GetSystemInfo
GetVersionExW
WaitForSingleObject
MultiByteToWideChar
CreateThread
InterlockedIncrement
GetACP
InterlockedDecrement
EnterCriticalSection
lstrcpyW
CloseHandle
GetPrivateProfileStringW
GetLastError
lstrcpynW
GetCurrentProcess
InitializeCriticalSection
LoadLibraryW
CreateFileW
VirtualFree
SetEvent
CreateSemaphoreW
GlobalHandle
DeleteCriticalSection
ReadFile
CreateEventW
GetCurrentThread
WriteFile
ReleaseSemaphore
lstrcmpiW
HeapAlloc
GetCurrentProcessId
GetThreadPriority
SetEndOfFile
GetQueuedCompletionStatus
SetFilePointer
GlobalAlloc

cewmdm

DllRegisterServer
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow

cfgmgr32

CMP_WaitNoPendingInstallEvents
CMP_WaitServicesAvailable
CM_Add_Empty_Log_Conf
CMP_Report_LogOn
CMP_Init_Detection

nddeapi

NDdeGetTrustedShareA
NDdeGetShareSecurityW
NDdeGetErrorStringA
NDdeGetTrustedShareW
NDdeIsValidAppTopicListA
NDdeGetShareSecurityA
NDdeIsValidAppTopicListW

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d76a5dde23ed604e80c8985677fb6986

Headers

File Characteristics

Imports

user32

kernel32

cewmdm

cfgmgr32

nddeapi

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 58KB - Virtual size: 2.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 58KB - Virtual size: 2.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB