68171814b6349dc2a3dfef63c9e5f3cd0984e4f2b90b7fa983c9183c6a53e63c

Sharing

Copy URL Twitter E-mail

General

Target

68171814b6349dc2a3dfef63c9e5f3cd0984e4f2b90b7fa983c9183c6a53e63c
Size

113KB
MD5

0c41fa3076f1640f600ba46dc58f4c20
SHA1

f23d69e102c82f69dedfe2b5451027551881b387
SHA256

68171814b6349dc2a3dfef63c9e5f3cd0984e4f2b90b7fa983c9183c6a53e63c
SHA512

2e0f0249f59ad4d959927d522a24f4a0c34ac736069d752efbecc2641b783bd93266750d411a91022dfd8a32d7f2919e7c3aaee12e8720a640e4c027664a2845
SSDEEP

3072:08DxFJEMk03pmOGJXn3DRYjN62Cp2OlX0PhpqTRZIaPoj:3CMRmh3dSN68OlEqTRwj

Score

N/A

Malware Config

Signatures

Files

68171814b6349dc2a3dfef63c9e5f3cd0984e4f2b90b7fa983c9183c6a53e63c
.exe windows x86

759dd76b756bbbc103abb69a291c5612

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_wcsicmp
memmove
_CxxThrowException
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_vsnwprintf
memset
__CxxFrameHandler
??2@YAPAXI@Z
_controlfp
_amsg_exit
free
wcsstr
calloc
memcpy

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA

kernel32

FindNextFileW
FindClose
GetUserDefaultUILanguage
LoadLibraryExW
ExpandEnvironmentStringsA
InterlockedExchange
lstrcmpW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetProcessHeap
HeapSize
GetVersionExA
FindFirstFileW
RtlUnwind
GetStartupInfoW
InterlockedCompareExchange
Sleep
EnterCriticalSection
RaiseException
LoadLibraryA
GetModuleHandleA
LoadLibraryW
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
GetLastError
CreateEventW
LocalFree
GlobalAlloc
OpenEventW
WaitForSingleObject
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
lstrlenW
SetLastError
GetModuleFileNameW
OutputDebugStringA
FreeLibrary
CloseHandle
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
lstrcmpiW

gdi32

CreateFontIndirectW

user32

LoadImageW
LoadStringW
UnregisterClassA
EnableWindow
EndDialog
GetDlgItem
SetWindowTextW
SendMessageW
DestroyWindow
CreateDialogParamW
DialogBoxParamW
ShowWindow
SetActiveWindow
SetForegroundWindow
SetWindowPos
FindWindowW
InvalidateRect
KillTimer
SetTimer
ScreenToClient
GetWindowRect
SystemParametersInfoW
LoadMenuW

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString

shell32

ShellExecuteW

shlwapi

PathRemoveFileSpecW
PathAppendW
PathFindFileNameW
PathFindExtensionW
PathIsFileSpecW
PathRemoveExtensionW
PathIsDirectoryW

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

759dd76b756bbbc103abb69a291c5612

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

ole32

oleaut32

shell32

shlwapi

Sections

.text Size: 31KB - Virtual size: 30KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 74KB - Virtual size: 76KB

.text
Size: 31KB - Virtual size: 30KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 74KB - Virtual size: 76KB