d364d1fdeb9f57fcdfa720ae315511c2e26e79a55c0ac4288e5709b56d6f1437

Sharing

Copy URL Twitter E-mail

General

Target

d364d1fdeb9f57fcdfa720ae315511c2e26e79a55c0ac4288e5709b56d6f1437
Size

316KB
MD5

0c521de4a1a2a879517a135ca869a250
SHA1

82eca9a67900fcd9085c5452fd0e5cf8c35798db
SHA256

d364d1fdeb9f57fcdfa720ae315511c2e26e79a55c0ac4288e5709b56d6f1437
SHA512

3a91533eada82e2d9472901ee5218326f2102983af796a198d69aa80d3a0fa27284e3141993e9a1def45215e3862e2e657d336eb270266b09ea571848ce86fa5
SSDEEP

6144:NtSvxNYLfEHyzQWOiWvWuhk0ASRBR7zuAKSod+j:NG6TzHWvWuhk6F7zuAKS3

Score

N/A

Malware Config

Signatures

Files

d364d1fdeb9f57fcdfa720ae315511c2e26e79a55c0ac4288e5709b56d6f1437
.exe windows x86

51492918bb0913dfdc1549e244da92ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
lstrcmpiW
SetLastError
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
LocalFree
FreeLibrary
GetProcAddress
GetModuleHandleW
MultiByteToWideChar
LoadLibraryExW
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
CreateMutexW
ReleaseMutex
GetCommandLineW
WideCharToMultiByte
CloseHandle
CreateThread
FormatMessageW
GetSystemTimeAsFileTime
GetDriveTypeW
CreateEventW
SetEvent
ResetEvent
GetLocalTime
GetDateFormatW
GetTimeFormatW
ExpandEnvironmentStringsW
GetTempPathW
GetWindowsDirectoryW
CreateDirectoryW
GetTempFileNameW
GetDiskFreeSpaceExW
CreateFileW
WriteFile
CopyFileW
LoadLibraryW
DeleteFileW
GetLogicalDriveStringsW
QueryDosDeviceW
GetShortPathNameW
WritePrivateProfileStructW
GetEnvironmentVariableW
lstrlenA
GetFileTime
FindFirstFileExW
FindNextFileW
FindClose
CompareFileTime
RemoveDirectoryW
WaitForMultipleObjects
FlushInstructionCache
GetVersionExA
GetSystemInfo
ExpandEnvironmentStringsA
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetModuleFileNameA
GetStdHandle
ExitProcess
Sleep
HeapCreate
GetStartupInfoW
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
VirtualQuery
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
InterlockedExchange
LocalAlloc
GetStringTypeExW
lstrlenW
lstrcmpW
GetModuleFileNameW
GetFileAttributesW
GetVersionExW
GetVersion
WaitForSingleObject
GetCurrentProcess
GetLastError
RaiseException
WritePrivateProfileStringW
GetPrivateProfileIntW
GetFileSize
GetPrivateProfileStringW

user32

GetMonitorInfoW
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
UnregisterClassA
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
PeekMessageW
MsgWaitForMultipleObjects
wsprintfA
CharLowerBuffW
wsprintfW
GetWindowRect
GetSystemMetrics
DispatchMessageA
BeginPaint
EndPaint
FillRect
IsWindowEnabled
GetFocus
DrawFocusRect
SetCursor
SetFocus
SetCapture
GetCapture
ReleaseCapture
GetCursorPos
PtInRect
UpdateWindow
InvalidateRect
CallWindowProcW
DefWindowProcW
SetRectEmpty
DestroyWindow
wvsprintfW
EndDialog
DialogBoxParamW
GetClassNameW
LoadCursorW
CreateWindowExW
GetWindowTextLengthW
GetWindowTextW
GetDC
ReleaseDC
DrawTextW
OffsetRect
IsWindow
CharNextW
SetWindowLongW
GetActiveWindow
PostMessageW
GetSysColor
ShowWindow
ScreenToClient
LoadStringW
MessageBoxW
SetWindowTextW
GetDlgItemInt
IsDlgButtonChecked
GetDlgItemTextW
EnableWindow
SetDlgItemInt
CheckRadioButton
CheckDlgButton
SetDlgItemTextW
GetDlgItem
SendMessageW
GetWindow
GetWindowLongW
MonitorFromWindow
GetDlgCtrlID

gdi32

GetStockObject
GetObjectW
CreateFontIndirectW
SetBkMode
SetTextColor
DeleteObject
SelectObject

shell32

ShellExecuteExW
ShellExecuteW
CommandLineToArgvW
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize

oleaut32

VarUI4FromStr

shlwapi

PathIsRootW
PathIsDirectoryW
PathAddExtensionW
PathMatchSpecW
PathRemoveBackslashW
PathRemoveBlanksW
PathRenameExtensionW
PathStripPathW
PathStripToRootW
PathAddBackslashW
SHAutoComplete
PathRemoveFileSpecW
PathFileExistsW
PathCombineW
PathIsDirectoryEmptyW
PathAppendW
PathSearchAndQualifyW
PathIsLFNFileSpecW

comctl32

CreatePropertySheetPageW
PropertySheetW
DestroyPropertySheetPage
InitCommonControlsEx
_TrackMouseEvent

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

51492918bb0913dfdc1549e244da92ef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

shlwapi

comctl32

Sections

.text Size: 86KB - Virtual size: 85KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 3KB - Virtual size: 8KB

.rsrc Size: 148KB - Virtual size: 152KB

.rmnet Size: 54KB - Virtual size: 56KB

.text
Size: 86KB - Virtual size: 85KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 148KB - Virtual size: 152KB

.rmnet
Size: 54KB - Virtual size: 56KB