1c9f2f57291295b445a262ae9de9a7a2fda53ddece09dfa9cc00f3e5f02c6f25

General

Target

1c9f2f57291295b445a262ae9de9a7a2fda53ddece09dfa9cc00f3e5f02c6f25
Size

276KB
MD5

3a04cd65f92f7c24d96a09fa95ff29fb
SHA1

6a166d4832e0431d50c9d158ef2457574d6401dc
SHA256

1c9f2f57291295b445a262ae9de9a7a2fda53ddece09dfa9cc00f3e5f02c6f25
SHA512

acce6f0293a0755b9183d2317118d89ba7db62fc4732fe8d6de4a01686c683da6596884e87d1f4a22f1a8a50acc4b837abc7e482e608c18f54118632b242b588
SSDEEP

3072:iDOKHKLj4Rl04/jRgi1OI/dq0be14EqkAdKB1afdSJj65G7K2yzZ43:iMMl04NvM0ZEqkiKT6d46QHr3

Score

N/A

Malware Config

Signatures

Files

1c9f2f57291295b445a262ae9de9a7a2fda53ddece09dfa9cc00f3e5f02c6f25
.exe windows x86

6960d962872015bfddd979145d15e8db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSQuerySessionInformationA
WTSEnumerateServersA
WTSOpenServerW
WTSSetUserConfigW
WTSVirtualChannelWrite
WTSQueryUserToken
WTSVirtualChannelPurgeInput
WTSFreeMemory
WTSRegisterSessionNotification
WTSLogoffSession
WTSVirtualChannelOpen

modemui

drvSetDefaultCommConfigA
CountryRunOnce

user32

LoadIconA
GetPropA
GetDlgItemTextW
PeekMessageW
DrawStateA
LoadCursorA
InsertMenuA
CharToOemA
GetMessageW
FlashWindow
LoadBitmapA
CreateDesktopW
PostMessageW
DispatchMessageW
DialogBoxParamA
LoadMenuW
IsDialogMessageW

cfgmgr32

CM_Add_IDA
CMP_Init_Detection

kernel32

GetTimeFormatA
GetPrivateProfileSectionW
GetLogicalDriveStringsW
ReadFile
GetModuleHandleA
HeapSize
CompareStringA
lstrcpynA
GetProcessId
LoadLibraryW
SleepEx
ReadConsoleA
SetEnvironmentVariableW
CreateNamedPipeA
GetGeoInfoW
VirtualProtect

ctl3d32

Ctl3dGetVer
Ctl3dRegister
Ctl3dUnregister

shell32

SHFree
SHFileOperationA
StrChrA
ExtractIconA
ShellMessageBoxA
ShellAboutA
DragFinish
DragQueryPoint
SHChangeNotify
DuplicateIcon
DragAcceptFiles
SHGetFileInfoA
SHGetDesktopFolder

qutil

AllocConnections
FreeFixupInfo
AllocFixupInfo
FreeSoH

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6960d962872015bfddd979145d15e8db

Headers

DLL Characteristics

File Characteristics

Imports

wtsapi32

modemui

user32

cfgmgr32

kernel32

ctl3d32

shell32

qutil

Sections

.text Size: 56KB - Virtual size: 52KB

.data Size: 48KB - Virtual size: 46KB

.rsrc Size: 168KB - Virtual size: 165KB

.text
Size: 56KB - Virtual size: 52KB

.data
Size: 48KB - Virtual size: 46KB

.rsrc
Size: 168KB - Virtual size: 165KB