15de4b83e945a4a1d9cc31551fa06037712b17fa16125bc8fee0eeacb648bdd0

Sharing

Copy URL

Twitter E-mail

General

Target

15de4b83e945a4a1d9cc31551fa06037712b17fa16125bc8fee0eeacb648bdd0
Size

55KB
MD5

16930df86626a5e657cdc0cdc31c9210
SHA1

8f501f72d2bd35ea1e192627ea1ab9bff4be0a21
SHA256

15de4b83e945a4a1d9cc31551fa06037712b17fa16125bc8fee0eeacb648bdd0
SHA512

38c9df0e802389b25a280b3410394c1f5ff33957d5360c5e31a4a7da8fde1099d58fe3d0493f451116a9c43ab90188c99f4b4813f5aeccd6d1079e4e1e57685d
SSDEEP

1536:MknkSfCUtOTgBUtLk10CqvsaxmtMtNHe:MknkSfZWCoC0Cqvf39e

Score

N/A

Malware Config

Signatures

Files

15de4b83e945a4a1d9cc31551fa06037712b17fa16125bc8fee0eeacb648bdd0
.exe windows x86

52808dc9d3413e8b2b20f741b1c4a829

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
MulDiv
FileTimeToDosDateTime
GetProcAddress
lstrcmpW

imm32

ImmGetHotKey
ImmGetCompositionStringW
ImmGetCompositionFontW
ImmNotifyIME
ImmRequestMessageA
ImmGetCandidateListA
ImmConfigureIMEW
ImmGetIMEFileNameA
ImmConfigureIMEA
ImmGetGuideLineW
ImmDisableIME
ImmGetStatusWindowPos
ImmSetHotKey
ImmDestroySoftKeyboard
ImmGetDescriptionA
ImmShowSoftKeyboard
ImmAssociateContextEx
ImmGetImeMenuItemsA
ImmGetIMEFileNameW
ImmGetRegisterWordStyleA
ImmGetVirtualKey
ImmUnregisterWordA
ImmGetCandidateWindow
ImmGetIMCCSize
ImmGetConversionStatus
ImmSetCompositionFontA
ImmIsUIMessageW
ImmGetCompositionStringA
ImmReleaseContext
ImmLockIMC
ImmLockIMCC
ImmGenerateMessage
ImmEnumRegisterWordW
ImmSetCompositionStringA
ImmGetIMCCLockCount
ImmIsIME
ImmEscapeA
ImmSetCompositionFontW
ImmInstallIMEW
ImmUnlockIMCC
ImmGetOpenStatus

shlwapi

PathIsPrefixA
SHRegWriteUSValueW
StrIsIntlEqualA
StrToIntA
UrlCreateFromPathA
StrSpnA
SHRegQueryInfoUSKeyW
PathIsUNCServerShareW
PathIsRelativeW
StrCSpnA
StrChrA
PathRemoveArgsA
SHRegisterValidateTemplate
SHRegDeleteUSValueW
PathFindSuffixArrayW
PathIsURLW
SHRegSetPathA
StrStrIA
SHRegCreateUSKeyW
UrlIsA
PathMakePrettyA
PathFileExistsW
StrTrimA
StrRStrIA
PathUndecorateA
SHRegGetBoolUSValueW
SHRegSetUSValueW
PathMakeSystemFolderA
SHRegOpenUSKeyA
AssocQueryStringByKeyA
UrlUnescapeW
StrRetToStrA
SHGetInverseCMAP
PathIsRelativeA
SHGetThreadRef
UrlCanonicalizeA
PathSetDlgItemPathW
SHRegDeleteEmptyUSKeyA
StrToIntExW
PathSetDlgItemPathA
PathFindExtensionW
PathIsFileSpecW
UrlUnescapeA
PathGetArgsW
StrDupW
IntlStrEqWorkerW
SHQueryValueExA
PathCommonPrefixW
PathIsLFNFileSpecA

wtsapi32

WTSOpenServerA
WTSVirtualChannelQuery
WTSSendMessageW
WTSVirtualChannelPurgeOutput
WTSQuerySessionInformationW
WTSVirtualChannelClose
WTSDisconnectSession
WTSSendMessageA
WTSFreeMemory
WTSSetUserConfigW
WTSEnumerateSessionsW
WTSTerminateProcess
WTSLogoffSession
WTSSetSessionInformationA
WTSEnumerateProcessesW
WTSEnumerateProcessesA
WTSQueryUserConfigA
WTSWaitSystemEvent

comdlg32

ChooseColorA

user32

ExcludeUpdateRgn
DialogBoxParamW
EnumDisplayDevicesW
SetRectEmpty
EndDialog
IsDialogMessageW
TrackPopupMenu
DdeDisconnect
SetWindowsHookExA
BeginPaint
AnimateWindow
CallWindowProcW
CharLowerBuffA
DdeCreateDataHandle
GetKeyboardState
wvsprintfA
SendNotifyMessageW
SendMessageA
OemKeyScan
IsCharAlphaNumericW
AttachThreadInput
MessageBoxW
IsZoomed
SetMessageQueue

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52808dc9d3413e8b2b20f741b1c4a829

Headers

File Characteristics

Imports

kernel32

imm32

shlwapi

wtsapi32

comdlg32

user32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 11KB - Virtual size: 12KB

.xdata Size: 7KB - Virtual size: 6KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 11KB - Virtual size: 12KB

.xdata
Size: 7KB - Virtual size: 6KB