44f1f31c7d3aa6cf39dfc6c8d9f95d0c8efab71f5fd49f70a8341c7d28586679

Sharing

Copy URL Twitter E-mail

General

Target

44f1f31c7d3aa6cf39dfc6c8d9f95d0c8efab71f5fd49f70a8341c7d28586679
Size

148KB
MD5

1136019b23c92ed9b6b2579103b9be76
SHA1

5a10568bf55bb1f566ea3ba6b4ce5bb34e7fee6e
SHA256

44f1f31c7d3aa6cf39dfc6c8d9f95d0c8efab71f5fd49f70a8341c7d28586679
SHA512

33671c0519023f658c92bf7e4e278eeff366d3f3d1f2a11a0126371cf3c4d10cfc19af7cc01530e418901edf8739e88ab9fe2b48061166779bc23670217d5350
SSDEEP

3072:7Tr7sod3winGLJaQyC7t07u3kfPPiGsMifbEiiozUx2:/giQCC7tYu0fPqGsMifQnx2

Score

N/A

Malware Config

Signatures

Files

44f1f31c7d3aa6cf39dfc6c8d9f95d0c8efab71f5fd49f70a8341c7d28586679
.exe windows x86

5856f22471de4a1a80f3e8a7c649696f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
GetCurrentThreadId
GetLocalTime
GlobalMemoryStatus
GetDiskFreeSpaceA
GetEnvironmentStringsW
UnhandledExceptionFilter
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapSize
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcess
GetTickCount
TerminateProcess
QueryPerformanceCounter
SetEvent
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
lstrlenA
FreeLibrary
lstrcatW
CreateEventW
WaitForSingleObject
lstrcpynW
CloseHandle
HeapDestroy
lstrcmpiW
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
MultiByteToWideChar
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetVersionExW
GetEnvironmentStrings
GetProcessHeap
HeapAlloc
HeapFree
GetModuleHandleW
GetVersionExA
GetFileAttributesW
GetExitCodeThread
SetLastError
LeaveCriticalSection
EnterCriticalSection
GetWindowsDirectoryW
SetErrorMode
QueryDosDeviceW
GetVersion
CreateFileA
GetStartupInfoW
CompareStringW
WideCharToMultiByte
GetProcAddress
LoadLibraryW
GetDriveTypeW
CreateFileW
DeviceIoControl
GetLastError

msvcrt

malloc
free
??3@YAXPAX@Z
realloc
??2@YAPAXI@Z
_purecall
_onexit
__dllonexit
_controlfp
__set_app_type
__p__fmode
_beginthreadex
_wcsicmp
wcscmp
iswdigit
_wtoi
wcslen
_vsnwprintf
_wtol
_wcsnicmp
wcsncmp
wcsrchr
wcsstr
wcschr
wcspbrk
iswspace
memmove
towupper
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
_except_handler3
_CIpow
wcsncpy
__p__commode
_snwprintf

advapi32

RegSetValueExA
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExA
RegQueryValueExW
RegCreateKeyExA

user32

CharNextW
CharPrevW
CharNextA

mpr

WNetAddConnection2W
WNetCancelConnection2W
WNetGetConnectionW

ole32

CoCreateInstance
CoTaskMemFree
CoInitializeEx
CoUninitialize
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc

oleaut32

SysFreeString
VarUI4FromStr
SysAllocStringLen
SysAllocString
SysStringLen

shell32

ShellExecuteExW

shlwapi

PathGetCharTypeW
PathGetCharTypeA

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5856f22471de4a1a80f3e8a7c649696f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

mpr

ole32

oleaut32

shell32

shlwapi

Sections

.text Size: 100KB - Virtual size: 96KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 984B

.hdata Size: 28KB - Virtual size: 28KB

.text
Size: 100KB - Virtual size: 96KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 984B

.hdata
Size: 28KB - Virtual size: 28KB