9326ad9b683b2ac6b016734ba7beab596855f5a00f22a53b640f9df53ff418ec

Sharing

Copy URL

Twitter E-mail

General

Target

9326ad9b683b2ac6b016734ba7beab596855f5a00f22a53b640f9df53ff418ec
Size

50KB
MD5

04b990e1524b8f4a31a15ef216eb7d77
SHA1

44f21cc33d1c30d22401216e94a2f5a1c1d6ef51
SHA256

9326ad9b683b2ac6b016734ba7beab596855f5a00f22a53b640f9df53ff418ec
SHA512

3e0799ea0888dcff080dd6abcf104485bc43c884766a126b18276a1e8f81ebeb883a209c5627ca632ef75a93c3d834ed157881cc9cfa5d1639d9faa35d6a7bf0
SSDEEP

768:ccdnViuE992FvItGa9uirG9F1dVwuG1MLlTVhhvNX80vZBAL0MXj+ehS:cIYbRMVwuTLlTxv/ILR3S

Score

N/A

Malware Config

Signatures

Files

9326ad9b683b2ac6b016734ba7beab596855f5a00f22a53b640f9df53ff418ec
.exe windows x86

532c15635f42ea4ad7fe357785820c68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

vSetDdrawflag
DllInitialize
GradientFill

advapi32

RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegSaveKeyA
RegEnumValueA
InitializeSid
OpenServiceA
RegOpenKeyExA
RegCloseKey
CreateProcessAsUserA
IsValidSecurityDescriptor
ClearEventLogA

shlwapi

PathCombineA
PathCommonPrefixA
UrlGetPartA
UrlIsA
UrlCanonicalizeA
PathCompactPathA
UrlCreateFromPathA
UrlIsNoHistoryW
UrlCompareA
UrlIsOpaqueA
UrlHashA
UrlUnescapeA

cmpbk32

PhoneBookLoad
PhoneBookEnumCountries
PhoneBookCopyFilter

wtsapi32

WTSFreeMemory
WTSOpenServerW
WTSWaitSystemEvent
WTSEnumerateProcessesA
WTSSendMessageA
WTSVirtualChannelWrite
WTSQuerySessionInformationA
WTSCloseServer
WTSVirtualChannelOpen
WTSEnumerateServersA

comsvcs

CoLoadServices
CoCreateActivity
SafeRef
CoEnterServiceDomain
RecycleSurrogate

kernel32

GetNumberFormatA
ExitProcess
GetProcAddress
ReadFile
HeapValidate
GetVolumePathNameW
lstrcmpiA
GetCurrentDirectoryA
GetStringTypeA
GetConsoleAliasW
CreateMutexA
GetProcessTimes
CreateEventW
FindResourceW
GetModuleHandleA
GetShortPathNameA
GetDiskFreeSpaceW
SetFileAttributesA
GetTimeFormatA
DeviceIoControl
VirtualQueryEx
MoveFileW
SetVolumeLabelA
QueryDosDeviceA

certcli

CADeleteCA
CAEnumFirstCA
CACloseCA
CAEnumNextCA
CACloseCertType

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

532c15635f42ea4ad7fe357785820c68

Headers

DLL Characteristics

File Characteristics

Imports

msimg32

advapi32

shlwapi

cmpbk32

wtsapi32

comsvcs

kernel32

certcli

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 24KB