f1ad7eb667c88b31cd699b2ec5dcf03d5d0d731cc70ca9e16703537e0fd326f0

Sharing

Copy URL Twitter E-mail

General

Target

f1ad7eb667c88b31cd699b2ec5dcf03d5d0d731cc70ca9e16703537e0fd326f0
Size

124KB
MD5

52bc27c8409a089389158f437e240f2c
SHA1

8235c841e3c3b2a236914f775619cc9a4abcc7c3
SHA256

f1ad7eb667c88b31cd699b2ec5dcf03d5d0d731cc70ca9e16703537e0fd326f0
SHA512

3da572f3c2eb213d7b9e4f9ca69c32f25a0d5cf881b1e4761ba1ac10c8a19342b899fa4fbab5dfca74fb6378e6be096e2c245005960e4aa208809885cb66b203
SSDEEP

1536:+dXf6Z4MaEUU6/IazXDac+pdIAykapdubEMBv2PUrFHphLLIJlATFFph/CPIbT8:AXfqCDac+TxCpdubENUFpxLIrkaI8

Score

N/A

Malware Config

Signatures

Files

f1ad7eb667c88b31cd699b2ec5dcf03d5d0d731cc70ca9e16703537e0fd326f0
.exe windows x86

69656772a686bb855e5e2abe9965a150

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamW
EndDialog
SetDlgItemTextW
CloseWindowStation
GetProcessWindowStation
OpenWindowStationW
SetProcessWindowStation
GetDesktopWindow
GetWindowRect
GetClientRect
MapWindowPoints
SetWindowPos
OpenDesktopW
SetThreadDesktop
GetThreadDesktop
CloseDesktop
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
wsprintfA
LoadStringW
wsprintfW

kernel32

FormatMessageW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
MultiByteToWideChar
ReleaseMutex
DebugBreak
RaiseException
CreateFileW
GetWindowsDirectoryW
CreateMutexW
GetLocalTime
WriteFile
SetFilePointer
lstrcatA
lstrcpyA
lstrlenA
LocalFree
InterlockedCompareExchange
GetModuleHandleW
GetVersionExW
GetSystemInfo
CreateSemaphoreW
Sleep
ReleaseSemaphore
SetLastError
GetComputerNameW
WideCharToMultiByte
GetSystemDirectoryW
SearchPathW
GlobalFree
GlobalAlloc
GlobalMemoryStatusEx
ResetEvent
CreateThread
DuplicateHandle
GetFileAttributesW
InitializeCriticalSection
PostQueuedCompletionStatus
InterlockedExchangeAdd
QueryPerformanceFrequency
CreateIoCompletionPort
InterlockedExchange
FreeLibraryAndExitThread
GetQueuedCompletionStatus
SetThreadPriority
OutputDebugStringA
LoadLibraryA
lstrcmpA
lstrcmpiW
GetModuleFileNameA
VirtualQueryEx
lstrcpynW
LockResource
LoadResource
FindResourceW
FindClose
DeleteFileW
GetCurrentProcess
FindNextFileW
FindFirstFileW
GetExitCodeProcess
CreateProcessW
ExpandEnvironmentStringsW
CreateDirectoryW
GetThreadContext
IsDebuggerPresent
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameW
GetLastError
DisableThreadLibraryCalls
GetVersionExA
LoadLibraryW
CreateEventA
GetCurrentThread
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrlenW
InterlockedIncrement
lstrcmpW
CompareStringW
SetFileAttributesW
InterlockedDecrement
GetUserDefaultLCID
SetEvent
GetCurrentThreadId
CloseHandle
WaitForSingleObject
CreateEventW
lstrcpyW
lstrcatW
FreeLibrary
GetProcAddress

ole32

StringFromCLSID
CoGetMalloc
CoGetObjectContext
FreePropVariantArray
PropVariantClear
PropVariantCopy
CoUnmarshalInterface
IIDFromString
CoUninitialize
CoInitializeEx
CoRevokeClassObject
CoRegisterClassObject
CoRevertToSelf
CoMarshalInterface
CoImpersonateClient
CreateStreamOnHGlobal
CoCreateInstance
CoEnableCallCancellation
CoDisableCallCancellation
StringFromGUID2
CoGetObject
StringFromIID
CLSIDFromString
CoGetClassObject
CoSetProxyBlanket
CoCancelCall
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid

advapi32

RegQueryInfoKeyW
SetThreadToken
RegisterServiceCtrlHandlerW
RegDeleteValueW
DeleteService
OpenSCManagerW
OpenServiceW
ChangeServiceConfigW
CreateServiceW
ChangeServiceConfig2W
CloseServiceHandle
ControlService
QueryServiceStatus
SetServiceStatus
RegEnumKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
MakeAbsoluteSD
MakeSelfRelativeSD
IsValidSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
GetSecurityDescriptorLength
LookupAccountSidW
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
EqualSid
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
FreeSid
AllocateAndInitializeSid
RegOpenKeyW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegQueryValueExW
GetUserNameW
OpenThreadToken
OpenProcessToken
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
RegUnLoadKeyW
RegLoadKeyW
RegEnumValueW

rpcrt4

NdrDllGetClassObject
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
NdrDllRegisterProxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
NdrDllUnregisterProxy
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
NdrStubCall2
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrStubForwardingFunction

version

VerQueryValueW

msvcrt

wcslen
_onexit
__dllonexit
_adjust_fdiv
_initterm
_wstrdate
_wstrtime
_waccess
_vsnwprintf
wcsrchr
__CxxFrameHandler
_vsnprintf
_beginthreadex
_CIexp
_ftol
wcstoul
wcscpy
malloc
_wcsicmp
wcscmp
_wcsnicmp
iswctype
_except_handler3
_local_unwind2
_itow
wcscat
free

ntdll

RtlDelete
RtlSplay
RtlInitializeCriticalSectionAndSpinCount
RtlDeleteCriticalSection
RtlInitializeCriticalSection

Sections

.text
Size: 76KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69656772a686bb855e5e2abe9965a150

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

ole32

advapi32

rpcrt4

version

msvcrt

ntdll

Sections

.text Size: 76KB - Virtual size: 79KB

.data Size: 10KB - Virtual size: 15KB

.rsrc Size: 31KB - Virtual size: 31KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 76KB - Virtual size: 79KB

.data
Size: 10KB - Virtual size: 15KB

.rsrc
Size: 31KB - Virtual size: 31KB

.reloc
Size: 14KB - Virtual size: 14KB