75831822f183619464b9998df7efd85356a8e203b2d8021646d56744e9bb441e

Sharing

Copy URL Twitter E-mail

General

Target

75831822f183619464b9998df7efd85356a8e203b2d8021646d56744e9bb441e
Size

831KB
MD5

121999303d55488801fad61f1afbecb1
SHA1

a4f8e6167899cac4cd0957be3fcd7269c8d1efef
SHA256

75831822f183619464b9998df7efd85356a8e203b2d8021646d56744e9bb441e
SHA512

499f8e300539348484207ecb493ec3abb393c5d8a2b0008a94e984749799067c323e1b5f3839c6a59ca720c6395d0430f4e4d0d72e3cc5318df8b31b0df7b9f0
SSDEEP

24576:/B7byCCbk/dhdefNVVgVkBetWfNniq7yNQV4kct5it:5dCon2NVBBeQliqDl

Score

N/A

Malware Config

Signatures

Files

75831822f183619464b9998df7efd85356a8e203b2d8021646d56744e9bb441e
.exe windows x86

e5cbdb52796532b482921d6bda236210

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteOrphanKeyA
PathIsSystemFolderA
SHRegOpenUSKeyA
SHRegOpenUSKeyW
StrCmpNIA
SHRegQueryInfoUSKeyA
PathSkipRootW
PathRemoveArgsA
PathCreateFromUrlW
PathFindSuffixArrayA
SHDeleteEmptyKeyW
StrSpnW
PathIsURLA
StrStrW
SHRegGetPathA
SHEnumValueW
SHEnumValueA
PathAddExtensionA
PathQuoteSpacesA
SHRegisterValidateTemplate
StrNCatW
PathCompactPathW
PathFindSuffixArrayW

kernel32

GetConsoleKeyboardLayoutNameW
GetStringTypeExW
GetModuleHandleW
SetTermsrvAppInstallMode
GetNumberOfConsoleMouseButtons
GetLocaleInfoA
GetConsoleCP
GetModuleFileNameW
LCMapStringA
SetErrorMode
LocalLock
GetConsoleNlsMode
ReadConsoleInputA
SetCalendarInfoW
HeapCompact
GetCurrentThread
GlobalFix
OpenProcess
LoadLibraryW

duser

UnregisterGadgetMessageString
DUserGetRectPRID
SetGadgetRotation
SetGadgetBufferInfo
FireGadgetMessages
DUserCastClass
SetGadgetFillF
SetGadgetRootInfo
DrawGadgetTree
GetGadgetTicket
RemoveGadgetMessageHandler
InitGadgets
SetGadgetMessageFilter
UtilDrawOutlineRect
DUserGetAlphaPRID

oleaut32

OleLoadPictureFileEx
VarUI8FromBool
SafeArrayDestroy
OleLoadPicture
OACreateTypeLib2
VarBstrFromDisp
SafeArrayCreateEx
GetErrorInfo
VarR4FromUI2
VarR8FromI8
VarDecAbs
VarI4FromUI4
VarI4FromI8
VarUI2FromI8
DosDateTimeToVariantTime
VarParseNumFromStr
VarI4FromDec
GetRecordInfoFromGuids
VarI1FromDate
VarR4FromUI4
VarDiv
VarBoolFromUI8
VarDateFromDisp
VARIANT_UserSize
VarUI1FromI1
DllRegisterServer
SafeArrayGetVartype
VarDecFromBool
SafeArraySetIID
VarR4CmpR8

dbghelp

SymUnDName
SymGetFileLineOffsets64
SymFromAddr
SymGetModuleInfo
ExtensionApiVersion
SymGetSymFromAddr64
SymGetSymFromAddr
FindFileInSearchPath
SymGetTypeInfo
SymUnDName64
GetTimestampForLoadedLibrary
SymLoadModuleEx

untfs

?InsertIntoFile@NTFS_ATTRIBUTE@@UAEEPAVNTFS_FILE_RECORD_SEGMENT@@PAVNTFS_BITMAP@@@Z
?GetNextAttributeRecord@NTFS_FRS_STRUCTURE@@QAEPAXPBXPAVMESSAGE@@PAE@Z
??0NTFS_ATTRIBUTE_RECORD@@QAE@XZ
?Initialize@NTFS_BAD_CLUSTER_FILE@@QAEEPAVNTFS_MASTER_FILE_TABLE@@@Z
??0NTFS_LOG_FILE@@QAE@XZ
??1NTFS_FRS_STRUCTURE@@UAE@XZ
?ComputeFileNameSignature@NTFS_MFT_INFO@@CGXKPAU_FILE_NAME@@QAE@Z
?QueryAttributeListAttribute@NTFS_FILE_RECORD_SEGMENT@@QAEEPAVNTFS_ATTRIBUTE@@PAE@Z
??1NTFS_BITMAP_FILE@@UAE@XZ

admparse

DllMain
IsAdmDirty
ResetAdmDirtyFlag
AdmSaveData
AdmClose

Sections

.text
Size: 361KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5cbdb52796532b482921d6bda236210

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

duser

oleaut32

dbghelp

untfs

admparse

Sections

.text Size: 361KB - Virtual size: 360KB

.rdata Size: 145KB - Virtual size: 145KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 134KB - Virtual size: 133KB

.reloc Size: 1024B - Virtual size: 912B

.text
Size: 361KB - Virtual size: 360KB

.rdata
Size: 145KB - Virtual size: 145KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 134KB - Virtual size: 133KB

.reloc
Size: 1024B - Virtual size: 912B