8759cab9e7bbdd4155fb1f7c8b1f33e9e00d55cc2390bb2aa239ff46b2fb8b60

Sharing

Copy URL

Twitter E-mail

General

Target

8759cab9e7bbdd4155fb1f7c8b1f33e9e00d55cc2390bb2aa239ff46b2fb8b60
Size

116KB
MD5

06770fa4a39be80e21a8e1da80148264
SHA1

385070654824e23b72d1cec058f177e3934d41b5
SHA256

8759cab9e7bbdd4155fb1f7c8b1f33e9e00d55cc2390bb2aa239ff46b2fb8b60
SHA512

58e0fabd2cc7852e9ffe084946aea6f50e916e5ee3e29f0563fcd31673c58cd3110b7a691cf51259c1155e03c65e8068117286027d7c64b9f38e546f01a9f48f
SSDEEP

1536:IYIvklroKtNjQcGQLHjgyUHFvHUVVX2AJHNhQVSOoo+vb2k/m7kxJUl4gVSrR6/J:1A/HwX2ABgQnvRmK4UBpjfKQQrAW3Gs

Score

N/A

Malware Config

Signatures

Files

8759cab9e7bbdd4155fb1f7c8b1f33e9e00d55cc2390bb2aa239ff46b2fb8b60
.exe windows x86

4f7c45a57f8b3e76839b4642748a320f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
SetLastError
lstrcatW
UnmapViewOfFile
MapViewOfFile
CloseHandle
CreateFileMappingA
CreateFileA
OpenThread
OpenProcess
GetLastError
ExitProcess
TerminateProcess
GetProcAddress
CreateMutexA
CreateSemaphoreA
CreateEventA
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentProcess
SetUnhandledExceptionFilter
lstrlenW
lstrcpyW
LocalUnlock
LocalSize
LocalAlloc
LocalLock
LocalFree
SetPriorityClass

msvcrt

strchr
printf
strrchr
malloc
free
_c_exit
_exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
_XcptFilter
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
strncpy

advapi32

LsaClose
LsaFreeMemory
LsaLookupSids
LsaLookupPrivilegeName
OpenThreadToken
OpenProcessToken
LsaOpenPolicy

user32

CheckRadioButton
ShowWindow
SendMessageW
RegisterHotKey
GetSystemMenu
DeleteMenu
SetForegroundWindow
SetFocus
SetDlgItemInt
EnableWindow
DialogBoxParamA
SetWindowLongA
EndDialog
LoadCursorA
SetCursor
GetWindowTextW
SetWindowTextW
SetDlgItemTextA
GetWindowLongA
MessageBoxA
GetDlgItem
SendMessageA
wsprintfA

ntdll

DbgPrint
RtlFreeUnicodeString
RtlConvertSidToUnicodeString
RtlFreeAnsiString
RtlUnicodeStringToAnsiString
RtlTimeToTimeFields
RtlEqualSid
NtQueryInformationToken
NtAdjustGroupsToken
NtAdjustPrivilegesToken
NtSetInformationToken
RtlEqualUnicodeString
RtlInitUnicodeString
NtQueryObject
NtSetSecurityObject
NtQuerySecurityObject
RtlGetDaclSecurityDescriptor
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
NtReadVirtualMemory
NtQueryInformationProcess
RtlInitAnsiString
NtQueryVirtualMemory
NtQuerySystemInformation
NtClose
NtGetContextThread
NtOpenThread

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4f7c45a57f8b3e76839b4642748a320f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

ntdll

Sections

.text Size: 24KB - Virtual size: 23KB

.data Size: 2KB - Virtual size: 6KB

.rsrc Size: 9KB - Virtual size: 8KB

.wdata Size: 80KB - Virtual size: 80KB

.text
Size: 24KB - Virtual size: 23KB

.data
Size: 2KB - Virtual size: 6KB

.rsrc
Size: 9KB - Virtual size: 8KB

.wdata
Size: 80KB - Virtual size: 80KB