dc4fdf6cc2c80a252c1d45a3038f39c2fa696217045513331d787fb0fc84658d

Sharing

Copy URL Twitter E-mail

General

Target

dc4fdf6cc2c80a252c1d45a3038f39c2fa696217045513331d787fb0fc84658d
Size

163KB
MD5

0d7398c92bdee1ecfc4f507872a4e6f9
SHA1

3f839cebd4fbb03ad14e29a9e8659a8d51f66f95
SHA256

dc4fdf6cc2c80a252c1d45a3038f39c2fa696217045513331d787fb0fc84658d
SHA512

0abe6d1618ed3f800c5fd0cc5c7ff8d196297cb9a560fb2d6c0a17f20d6c9e257ea144d5983ba538a667f57ae9003e59429982e69992f7a6e6e696762cb070da
SSDEEP

3072:xXUwrxWRYQ+X5xpFBOJfVAiRTMq2d/Et+:xWg5vIJ2REt+

Score

N/A

Malware Config

Signatures

Files

dc4fdf6cc2c80a252c1d45a3038f39c2fa696217045513331d787fb0fc84658d
.exe windows x86

90820870710010ff907cb7527dec16bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
CharLowerA
wvsprintfA
CharToOemA
CharUpperA
GetWindowThreadProcessId
IsWindowVisible
GetDesktopWindow
GetWindow
MessageBoxA
GetMenuStringA
FindWindowW
SendMessageTimeoutA
UpdateWindow
GetWindowRgnBox
GetWindowLongA
MessageBoxW
IsWindowEnabled
GetLayeredWindowAttributes
UpdateLayeredWindow
GetWindowRgn
GetKeyState

shell32

ShellExecuteA
SHFileOperationW
ShellExecuteW

advapi32

CryptAcquireContextA
StartServiceA
OpenProcessToken
GetTokenInformation
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
ControlService

gdi32

Escape
GetObjectA
CancelDC
SetStretchBltMode
UpdateColors
GetPixel
GdiFlush
GetMetaRgn
StartDocW
GetTextFaceA
EnumEnhMetaFile
RectVisible
Polyline
GetTextCharacterExtra
GetMetaFileBitsEx

crypt32

CryptHashToBeSigned

kernel32

GetStringTypeA
GetStringTypeW
LCMapStringW
UnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
LCMapStringA
SetCurrentDirectoryA
GetCommandLineW
SetHandleInformation
LockResource
GetCurrentProcess
TlsGetValue
MultiByteToWideChar
FindResourceExW
CompareStringW
WaitForDebugEvent
SetFilePointerEx
GetVersionExA
TlsAlloc
FreeResource
FatalAppExitA
lstrcpynW
FreeEnvironmentStringsW
GetFileAttributesA
HeapAlloc
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
TerminateProcess

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90820870710010ff907cb7527dec16bb

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

advapi32

gdi32

crypt32

kernel32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 23KB - Virtual size: 41KB

.rsrc Size: 85KB - Virtual size: 84KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 23KB - Virtual size: 41KB

.rsrc
Size: 85KB - Virtual size: 84KB