0436ea999689677814c53d603b93a367f6cef848bfdd8b054a3afab42cb92c9a

Sharing

Copy URL Twitter E-mail

General

Target

0436ea999689677814c53d603b93a367f6cef848bfdd8b054a3afab42cb92c9a
Size

166KB
MD5

20f64a7b12b726419a1ccd3eb95b1a60
SHA1

4139fe5a2377517307be16435fc04b08be3147cf
SHA256

0436ea999689677814c53d603b93a367f6cef848bfdd8b054a3afab42cb92c9a
SHA512

2dde292464668a7eadafbf5c29aba2b4fd0129336ad2b389654c86fafcc19542a81828d81cdd3900dbde3808baa8588962fb046be77573e6b69760ae195bba68
SSDEEP

3072:lQeKQ5kMHo0/M5uE22y9QbUvtUoTcsXnAYyfWZ//3i4AB3G56:lQeNkKP/AzMKbUJ538IP9t5

Score

N/A

Malware Config

Signatures

Files

0436ea999689677814c53d603b93a367f6cef848bfdd8b054a3afab42cb92c9a
.exe windows x86

1b43e1a5b742f92ed4517d84416ed3be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToDosDateTime
GetCurrentThreadId
GetCompressedFileSizeW
VerifyVersionInfoA
DosDateTimeToFileTime
GetDriveTypeW
EnumResourceLanguagesW
WaitForSingleObject
CreateJobObjectW
IsDBCSLeadByte
SetMessageWaitingIndicator
GlobalAlloc
QueryInformationJobObject
DebugActiveProcess
OpenSemaphoreA
UnmapViewOfFile
GetQueuedCompletionStatus
IsBadWritePtr
GetEnvironmentVariableW
CreateMailslotW
GetCommModemStatus
GetTimeFormatA
SetSystemTime
GetExitCodeProcess
SetThreadPriority

secur32

LsaCallAuthenticationPackage
LsaLookupAuthenticationPackage
LsaDeregisterLogonProcess
LsaFreeReturnBuffer

crypt32

CryptEncodeObject
CryptExportPublicKeyInfo
CertCreateCertificateContext

advapi32

GetLengthSid
CredReadW
RegQueryValueExA
AllocateAndInitializeSid
CryptAcquireContextA
CredWriteW
RegOpenKeyExW
CryptGenKey
FreeSid
CredFree
RegQueryValueExW
RegCloseKey
GetUserNameW
CryptExportKey
RegOpenKeyExA
CheckTokenMembership
RegQueryInfoKeyW
CryptReleaseContext
RegEnumKeyExW
LogonUserW
CryptDestroyKey
LookupAccountNameW

uxtheme

GetCurrentThemeName

user32

EndDialog
FillRect
SystemParametersInfoW
IsWindow
SetMenuInfo
PostQuitMessage
SetCursor
KillTimer
SetWindowLongW
RegisterHotKey
LoadIconW
UpdateWindow
GetScrollInfo
DefMDIChildProcA
DestroyCursor
IsClipboardFormatAvailable
GetActiveWindow
ChangeMenuW
PostMessageW
GetSysColorBrush
GetProcessWindowStation
GetParent
CreateDialogParamW
SetPropW
SendMessageW
ScrollWindowEx
SetTimer
IMPGetIMEA
GetWindowTextLengthW
WaitMessage
DefWindowProcW
SetWindowPos
GetNextDlgTabItem
SetMenuItemInfoA
CallWindowProcW
UnregisterClassA
GetWindowLongW
MapWindowPoints
EndPaint
SetFocus
GetWindow
GetFocus
GetDlgItem
GetDesktopWindow
GetWindowTextW
GetDlgItemTextW
AdjustWindowRect
SetScrollInfo
ShowWindow
GetDC
MessageBoxExW
RegisterClipboardFormatA
SetScrollPos
ReleaseDC
TabbedTextOutW
EnableWindow
DestroyWindow
ClientToScreen
SetDlgItemTextW
BeginPaint
InvalidateRect
SendDlgItemMessageW
MoveWindow
GetWindowRect
GetSysColor
GetPropW
LoadCursorW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1b43e1a5b742f92ed4517d84416ed3be

Headers

File Characteristics

Imports

kernel32

secur32

crypt32

advapi32

uxtheme

user32

Sections

.text Size: 101KB - Virtual size: 101KB

.data Size: 19KB - Virtual size: 51KB

.rdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 41KB - Virtual size: 69KB

.text
Size: 101KB - Virtual size: 101KB

.data
Size: 19KB - Virtual size: 51KB

.rdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 41KB - Virtual size: 69KB