3dbb7dc9f36a3ae94ac4e58f88473d46d4c28dd9f6ed66697b8cd6cb93cde08f

Sharing

Copy URL Twitter E-mail

General

Target

3dbb7dc9f36a3ae94ac4e58f88473d46d4c28dd9f6ed66697b8cd6cb93cde08f
Size

509KB
MD5

30657a731c2ca766f192b92a552b2900
SHA1

db3dd433505bbcd7d8ef429bfd739c1b58676694
SHA256

3dbb7dc9f36a3ae94ac4e58f88473d46d4c28dd9f6ed66697b8cd6cb93cde08f
SHA512

88b6f03f9b758f27655d7a6ad5d1c7e4b75e737c12193bfc956435f15afd9a24d0778e184eef75b3738009c621e6919e6e89ec784b4412830478b08301025907
SSDEEP

12288:mkYnMFfMaalKDPMvOQRlGJnjFZthimz2gKjx1O:mzMFfmy+fGJnjFZDiz7O

Score

N/A

Malware Config

Signatures

Files

3dbb7dc9f36a3ae94ac4e58f88473d46d4c28dd9f6ed66697b8cd6cb93cde08f
.exe windows x86

1d7de542526a43f5174f60d03a2b0841

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
ntohl
htons

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

kernel32

GetCurrentProcess
ProcessIdToSessionId
GetCurrentProcessId
LocalFree
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
IsDBCSLeadByte
GetCPInfo
WideCharToMultiByte
SetFilePointer
GetPrivateProfileIntW
GetPrivateProfileStringW
GetVersion
GetModuleHandleW
LoadLibraryW
lstrcmpiW
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentThreadId
SetLastError
CreateProcessW
Sleep
InitializeCriticalSection
DeleteCriticalSection
VirtualQuery
SetEvent
WaitForSingleObject
lstrcpynW
ResetEvent
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
CreateFileA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
lstrlenW
GetProcAddress
FreeLibrary
WriteFile
DeleteFileW
GetFileSize
ReadFile
GetVersionExW
GetLastError
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateFileW
CloseHandle
CreateThread
TerminateThread
CreateEventW
OutputDebugStringW
IsBadReadPtr
ExitThread
RaiseException
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedCompareExchange
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetFileAttributesW
GetSystemTimeAsFileTime
GetStartupInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetOEMCP
IsValidCodePage
HeapCreate
GetStdHandle

user32

UnregisterClassA
MessageBoxW
GetMessageW
TranslateMessage
DispatchMessageW
CreateDialogParamW
BringWindowToTop
PostMessageW
GetDesktopWindow
GetWindow
IsWindow
GetPropW
SetPropW
SetWindowLongW
LoadImageW
LoadIconW
SendMessageW
ShowWindow
DestroyIcon
DestroyWindow
PostQuitMessage
RemovePropW

advapi32

QueryServiceConfigW
RegOpenKeyW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceStatusEx
IsTextUnicode
LookupAccountNameW
ConvertSidToStringSidW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHCreateDirectoryExW
ShellExecuteW
SHGetSpecialFolderPathW

ole32

CoInitialize
CLSIDFromProgID
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoFreeLibrary
CoLoadLibrary
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoUninitialize

oleaut32

SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocString

shlwapi

PathFileExistsW
wnsprintfW

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1d7de542526a43f5174f60d03a2b0841

Headers

File Characteristics

Imports

ws2_32

wtsapi32

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 276KB - Virtual size: 274KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 160KB - Virtual size: 160KB

.text
Size: 276KB - Virtual size: 274KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 160KB - Virtual size: 160KB