6082fce6ef0ee057ce5f86fe56b48cf1aa4fc32626bc216c003a8981dbe1b4fd

Sharing

Copy URL

Twitter E-mail

General

Target

6082fce6ef0ee057ce5f86fe56b48cf1aa4fc32626bc216c003a8981dbe1b4fd
Size

89KB
MD5

08b99d10603c1064bc25795820ae12d0
SHA1

895437f453586f79d6949ade5f181c260c4a4e62
SHA256

6082fce6ef0ee057ce5f86fe56b48cf1aa4fc32626bc216c003a8981dbe1b4fd
SHA512

dd55da2ead783aaeb6cae547b927e2d1bedee98845c9ae35343c71c9a51bd16deafa58bb15caf212ae48e48f9325b04e29e3f371562fec3b74b32bc3f4bedbea
SSDEEP

1536:QEN0StqhGM6TUgHRYNntYzDLsWT0HQrWO5K8ghtfxapGpxYDJSPR:p0+qhGhTUWOK/sK0HQCCKlhtfxaQpbP

Score

N/A

Malware Config

Signatures

Files

6082fce6ef0ee057ce5f86fe56b48cf1aa4fc32626bc216c003a8981dbe1b4fd
.exe windows x86

39ffd653303861b3373fdacc91301f95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegEnumValueW
RegSetValueW
RegDeleteKeyW
GetLengthSid
GetNamedSecurityInfoW
SetNamedSecurityInfoW
OpenProcessToken
AddAccessAllowedAceEx
ConvertStringSidToSidW

kernel32

LoadLibraryW
SetErrorMode
GetSystemDirectoryW
GetVersionExW
CloseHandle
WriteFile
SizeofResource
CreateFileW
LockResource
LoadResource
FindResourceW
SetFileAttributesW
GetFileAttributesW
Sleep
GetTickCount
CreateProcessW
DeleteFileW
lstrcmpW
FindFirstFileExW
FindClose
FindNextFileW
FindFirstFileW
SetCurrentDirectoryW
FreeLibrary
GetShortPathNameW
GetSystemDefaultUILanguage
CreateDirectoryW
WaitForSingleObject
ExpandEnvironmentStringsW
CompareStringOrdinal
InterlockedDecrement
GetTempFileNameW
GetTempPathW
SetLastError
FindResourceExW
IsWow64Process
GetNativeSystemInfo
GetPrivateProfileStringW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetModuleFileNameW
LocalFree
LocalAlloc
GetModuleHandleW
GetProcAddress
GetVersion
GetEnvironmentVariableW
GetLastError
lstrlenW
GetCurrentDirectoryW
MapViewOfFile
CreateFileMappingW
GetLocaleInfoW
UnmapViewOfFile
GetUserDefaultUILanguage
SearchPathW
LoadLibraryExW

user32

BlockInput
UnhookWinEvent
SetTimer
GetShellWindow
LoadStringW
PostMessageW
GetMenuItemInfoW
GetMenuItemCount
DestroyMenu
CreatePopupMenu
SendInput
GetCursorPos
SystemParametersInfoW
PostQuitMessage
SetWinEventHook
KillTimer
DispatchMessageW
GetMessageW

msvcrt

??1type_info@@UAE@XZ
iswalpha
wcschr
??3@YAXPAX@Z
??2@YAPAXI@Z
_time64
_vsnwprintf
iswctype
memcpy
wcsncmp
_wcsnicmp
_wcsicmp
bsearch
memcpy_s
wcsrchr
fclose
swscanf_s
fgetws
_controlfp
_except_handler4_common
?terminate@@YAXXZ
memset
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_CxxThrowException
_wfopen_s

shell32

SHGetSpecialFolderPathW
SHSetLocalizedName
SHParseDisplayName
SHGetFolderPathW
SHBindToParent
ord190
ord526
ord165
SHChangeNotify
SHGetSpecialFolderLocation
ord155
SHGetDesktopFolder

ole32

OleUninitialize
CoTaskMemFree
PropVariantClear
CoCreateInstance
CoUninitialize
CoInitializeEx
OleInitialize

ieadvpack

RegRestoreAllW
ExecuteCabW
RunSetupCommandW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

SHRegGetUSValueW
PathIsNetworkPathW
PathCombineW
SHRegGetValueW
SHRegDeleteUSValueW
ord388
StrStrW
ord225
PathRemoveExtensionW
PathFindFileNameW
PathRemoveBlanksW
SHDeleteValueW
SHSetValueW
StrCmpIW
SHGetValueW
SHStrDupW
SHRegSetUSValueW
PathFileExistsW
StrStrIW
ord158
ord437
StrCmpNIW
SHDeleteKeyW
SHCopyKeyW

iertutil

ord650
ord39
ord33
ord57
ord654

oleacc

AccessibleObjectFromEvent

oleaut32

VariantInit
SysAllocString
VariantClear
SysFreeString

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

39ffd653303861b3373fdacc91301f95

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

shell32

ole32

ieadvpack

version

shlwapi

iertutil

oleacc

oleaut32

Sections

.text Size: 63KB - Virtual size: 63KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 21KB - Virtual size: 24KB

.text
Size: 63KB - Virtual size: 63KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 21KB - Virtual size: 24KB