42e84bec7997e784056909d72e90fb06df1b69de7b3f404b24becc0338df0d3d

General

Target

42e84bec7997e784056909d72e90fb06df1b69de7b3f404b24becc0338df0d3d
Size

100KB
MD5

b53bcc1d7d73ed811ae82f0246fdada9
SHA1

c9f232e7ac058514364b77bbed54819d3c94d9f3
SHA256

42e84bec7997e784056909d72e90fb06df1b69de7b3f404b24becc0338df0d3d
SHA512

7b3a74a99d0af4ccd89b3d5b4a6c534c21fd80f3496a6ea9c2b03d808f61ea94f969a1cde91d728490fefacfdbb34222ba2cc3d0cdf8755e0ebde854127c3441
SSDEEP

1536:WOJ07q5b+uhv0RAlS13sIRUZ8sk4BQ6q380QezXPlnv2T3u1LafY0:PlviA4tsIRg8dqj2tXpeT3qaf

Score

N/A

Malware Config

Signatures

Files

42e84bec7997e784056909d72e90fb06df1b69de7b3f404b24becc0338df0d3d
.exe windows x86

afd4344ae7e632e48e223a6f08682c5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSLogoffSession
WTSVirtualChannelWrite
WTSOpenServerA
WTSUnRegisterSessionNotification
WTSQuerySessionInformationA
WTSFreeMemory
WTSVirtualChannelRead
WTSSendMessageA
WTSCloseServer
WTSSetUserConfigA
WTSQueryUserToken
WTSRegisterSessionNotification

msimg32

DllInitialize
TransparentBlt
GradientFill

user32

wsprintfW
LoadBitmapW
SendMessageA
EndDialog
InsertMenuA
InsertMenuA
EnumWindows
CreateWindowExW
DefDlgProcW
DrawTextExA
CreateDesktopA
GetPropA
FindWindowA
LoadImageW
EnumDesktopsA
MessageBoxA
LoadCursorA
OemToCharA

kernel32

CompareStringW
GetEnvironmentVariableW
GetLastError
GetProcAddress
CreateWaitableTimerW
OpenEventW
GetFileSize
CreateMutexW
CreateSemaphoreA
WaitForSingleObjectEx
GetCurrentProcess
GetStartupInfoW
InitializeCriticalSection
CreateEventA
GetStringTypeA
CreateDirectoryW
FormatMessageA
CopyFileA
GetOEMCP
GetModuleHandleA
GetCommandLineW

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afd4344ae7e632e48e223a6f08682c5a

Headers

File Characteristics

Imports

wtsapi32

msimg32

user32

kernel32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 220KB

.rsrc Size: 64KB - Virtual size: 61KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 220KB

.rsrc
Size: 64KB - Virtual size: 61KB

.reloc
Size: 4KB - Virtual size: 2KB