554e42eb7dda520de0049c4d9b68fb1c9e831f4f7c4b86794716bfbd73176720

Sharing

Copy URL Twitter E-mail

General

Target

554e42eb7dda520de0049c4d9b68fb1c9e831f4f7c4b86794716bfbd73176720
Size

24KB
MD5

048b4bf769db5021ab380191daf0a681
SHA1

ebfd3c8e5d7c2cae33e4949030e33648a7ed9feb
SHA256

554e42eb7dda520de0049c4d9b68fb1c9e831f4f7c4b86794716bfbd73176720
SHA512

407937562a69bb62dff18bffdfd5a23c5fbd72ecc207dacfd6981f564945a72931f2f5dca6b4311164267d2f7fade362beeb1ccf8c8891b3ef5c2ace5e7b9b17
SSDEEP

384:l65C9A80PABHQehk0vIA/IHRxuaDtfr7lvLeiKfOz1li:lsuAdAB1IPJJr7ReHG

Score

N/A

Malware Config

Signatures

Files

554e42eb7dda520de0049c4d9b68fb1c9e831f4f7c4b86794716bfbd73176720
.exe windows x86

a9999fd1576ff3ba4b2f5418a62966a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItem
EnableWindow
GetSystemMetrics
LoadStringW
ReleaseDC
EndDialog
ShowWindow
MessageBoxA
GetDC
GetWindowRect
TranslateMessage
GetClientRect

rsaenh

DllRegisterServer
CPDuplicateHash
CPDestroyKey
CPCreateHash
CPDecrypt
CPDeriveKey
CPSetHashParam
CPVerifySignature
CPSetProvParam
CPHashSessionKey
CPGetUserKey
CPImportKey
CPSignHash
CPExportKey
CPGenRandom
CPSetKeyParam
CPEncrypt
CPGetHashParam
CPHashData
CPGetProvParam
DllUnregisterServer
CPReleaseContext
CPDuplicateKey
CPGetKeyParam
CPDestroyHash
CPGenKey

advapi32

RegCreateKeyExW
RegCreateKeyExA
RegSetValueExW
CloseServiceHandle
RegEnumKeyExW
RegDeleteKeyA
OpenThreadToken
RegQueryValueExW
RegDeleteValueA
RegOpenKeyExA
AllocateAndInitializeSid
RegQueryValueExA
FreeSid
GetTokenInformation
RegQueryInfoKeyW
RegSetValueExA
RegDeleteValueW
RegCloseKey
RegEnumValueW
InitializeSecurityDescriptor
OpenProcessToken
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExA

shlwapi

SHUnlockShared
GetAcceptLanguagesA

msvcrt

wcslen
_wtoi
_vsnwprintf
wcscmp
_strnicmp
_itow
malloc
fwrite
_adjust_fdiv
_snwprintf
_iob
_except_handler3
wcscpy
realloc
free
_initterm
swprintf
strtol
wcsncpy
_local_unwind2
_wcsicmp
_ftol
_onexit

oleaut32

RegisterTypeLib
VariantClear
SafeArrayPutElement
LoadTypeLibEx
VariantChangeType
SysAllocStringByteLen
VariantChangeTypeEx
VariantCopyInd
SysFreeString
SafeArrayGetLBound
SafeArrayPtrOfIndex
SysAllocStringLen
LoadTypeLib
SafeArrayGetUBound
GetActiveObject
SafeArrayUnaccessData
SetErrorInfo
SafeArrayAccessData
GetErrorInfo
VariantCopy
SafeArrayGetElement
SafeArrayCreate
CreateErrorInfo
SysStringByteLen
SysStringLen
OleLoadPicture

shell32

DllGetVersion
SHStartNetConnectionDialogW
IsNetDrive
SHILCreateFromPath
SHCoCreateInstance
PifMgr_OpenProperties
DllUnregisterServer
DAD_DragLeave
DllRegisterServer
IsLFNDrive
DAD_DragEnterEx
DllGetClassObject
PickIconDlg
DAD_DragMove
SHDefExtractIconW
DllInstall
PathResolve
Shell_GetCachedImageIndex
DllCanUnloadNow
RestartDialog
SHChangeNotifyDeregister
SHGetSetSettings
DragFinish
DragAcceptFiles
PathQualify
SHChangeNotifyRegister
DriveType
Shell_MergeMenus

ws2_32

socket
send
accept
connect
WSACleanup
WSAStartup
recv

kernel32

SearchPathA
SetLastError
InitializeCriticalSection
SetFilePointer
WaitForMultipleObjects
GetModuleFileNameA
GetLastError
EnterCriticalSection
SetConsoleScreenBufferSize
GetVolumeInformationA
GetStdHandle
PeekConsoleInputA
WaitForSingleObject
SetEnvironmentVariableA
GetConsoleOutputCP
GetTickCount
InterlockedDecrement
SetConsoleWindowInfo
lstrcmpiA
SetConsoleTitleA
IsBadReadPtr
InterlockedIncrement
SetConsoleCP
VirtualAlloc
MoveFileA
GetFileInformationByHandle
AllocConsole
FreeLibrary
ReadFile
LoadLibraryA
ExpandEnvironmentStringsA
GetConsoleCP
GetConsoleScreenBufferInfo
GetFullPathNameA
FlushFileBuffers
CreateDirectoryA
GetEnvironmentVariableA
WriteFile
SetConsoleOutputCP
LeaveCriticalSection
ReadConsoleInputA
DeleteCriticalSection
GetModuleHandleA
SetFileTime
TerminateProcess
GetShortPathNameA
IsBadCodePtr
IsBadWritePtr
SetEndOfFile
CreateProcessA

ole32

CoDisableCallCancellation
WriteFmtUserTypeStg
CLIPFORMAT_UserUnmarshal
CLSIDFromProgID
CoCreateFreeThreadedMarshaler
CoCreateInstanceEx
CoDeactivateObject
CoCopyProxy
CLIPFORMAT_UserFree
CLSIDFromProgIDEx
CoCreateGuid
CLSIDFromString
CoCancelCall
CoCreateObjectInContext
OleSetClipboard
OleGetClipboard
CLSIDFromOle1Class
OleInitialize
CLIPFORMAT_UserMarshal
BindMoniker

Sections

.data
Size: 1KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 877B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9999fd1576ff3ba4b2f5418a62966a0

Headers

DLL Characteristics

File Characteristics

Imports

user32

rsaenh

advapi32

shlwapi

msvcrt

oleaut32

shell32

ws2_32

kernel32

ole32

Sections

.data Size: 1KB - Virtual size: 40KB

.reloc Size: 1024B - Virtual size: 877B

.rsrc Size: 10KB - Virtual size: 9KB

.idata Size: 10KB - Virtual size: 9KB

.text Size: 1024B - Virtual size: 676B

.data
Size: 1KB - Virtual size: 40KB

.reloc
Size: 1024B - Virtual size: 877B

.rsrc
Size: 10KB - Virtual size: 9KB

.idata
Size: 10KB - Virtual size: 9KB

.text
Size: 1024B - Virtual size: 676B