edb15ae66d089789f22a8073e1eae4df813c578ac13cf8a1eea75dbf38c16970

Sharing

Copy URL

Twitter E-mail

General

Target

edb15ae66d089789f22a8073e1eae4df813c578ac13cf8a1eea75dbf38c16970
Size

168KB
MD5

442334303577c3dafe0439a40f11e828
SHA1

7bba584f10bf33faefd16362a08669cb7a5ddafe
SHA256

edb15ae66d089789f22a8073e1eae4df813c578ac13cf8a1eea75dbf38c16970
SHA512

458963f867978091a08376d5c184f20201f98d273672a3aa9517fb5eab0c3046ac70bb22133e8254677e2471ac922daa10987df4982fd97b15ea623273808e2f
SSDEEP

3072:5pOp8jC/lmPP+lXZLcnPKQo+69qA+O0ZzKN7QDAxOMMk30226gzgNO3DiS76GoND:5Ep6OSILeKD+O0pKN7QDAxOMTE2AzgNL

Score

N/A

Malware Config

Signatures

Files

edb15ae66d089789f22a8073e1eae4df813c578ac13cf8a1eea75dbf38c16970
.exe windows x86

ad7234ec1e824d4e35891528b1f95fef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryW
GetProcessHeap
lstrcpyW
LocalAlloc
GetCurrentProcess
CloseHandle
ExitProcess
LocalFree
GetComputerNameW
lstrlenW
LocalReAlloc
GlobalAlloc
GlobalLock
LoadLibraryW
GetModuleHandleW
GetThreadLocale
FormatMessageW
lstrcmpW
MultiByteToWideChar
ReadFile
DeleteFileW
WriteFile
WideCharToMultiByte
CreateFileW
OutputDebugStringW
GetLastError
SetFilePointer
GetFileSize
SearchPathW
GetTimeFormatW
GetDateFormatW
GetSystemDefaultLCID
FileTimeToSystemTime
FileTimeToLocalFileTime
FreeLibrary
lstrcmpiW
MulDiv
lstrcpynW
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
LoadLibraryA
GetCurrentProcessId
SetUnhandledExceptionFilter
TerminateProcess
GetCommandLineW
GetSystemTimeAsFileTime
GlobalUnlock

msvcrt

iswctype
_except_handler3
_resetstkoflw
wcsncmp
wcschr
wcsrchr
wcscmp
_vsnwprintf
iswprint
wcscpy
wcslen
swprintf
memmove
_purecall

advapi32

InitializeSecurityDescriptor
InitializeAcl
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetInheritanceSourceW
LookupAccountSidW
GetSidSubAuthorityCount
GetSidSubAuthority
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
SetSecurityInfo
SetNamedSecurityInfoW
GetNamedSecurityInfoW
MapGenericMask
RegSetValueExA
RegFlushKey
RegSaveKeyW
RegRestoreKeyW
RegConnectRegistryW
RegQueryValueExW
RegDeleteKeyW
RegQueryInfoKeyW
RegLoadKeyW
RegUnLoadKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyW
RegOpenKeyW
RegDeleteValueW
RegEnumValueW
RegCreateKeyW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueW
RegOpenKeyExA
RegQueryValueExA

gdi32

GetTextMetricsW
GetStockObject
SetAbortProc
StartDocW
StartPage
SetViewportOrgEx
EndPage
EndDoc
AbortDoc
DeleteDC
CreateBitmap
CreatePatternBrush
PatBlt
ExcludeClipRect
SelectClipRgn
DeleteObject
SetBkColor
SetTextColor
ExtTextOutW
GetDeviceCaps
CreateFontIndirectW
SelectObject

user32

GetClipboardData
WinHelpW
EndDialog
GetWindowLongW
ShowCaret
CreateCaret
ReleaseCapture
MessageBeep
DestroyMenu
TrackPopupMenuEx
IsClipboardFormatAvailable
EnableMenuItem
GetSubMenu
LoadMenuW
SetFocus
HideCaret
EndPaint
BeginPaint
SetTimer
SetCapture
GetKeyState
RegisterClassW
LoadCursorW
RegisterClipboardFormatW
CheckRadioButton
SendMessageW
GetWindowTextW
GetParent
GetDlgItemTextW
IsDlgButtonChecked
GetDlgCtrlID
CallWindowProcW
GetWindowTextLengthW
GetDlgItemInt
PostQuitMessage
GetWindowPlacement
SetWindowTextW
EnableWindow
DialogBoxParamW
DrawMenuBar
InsertMenuItemW
DeleteMenu
SetMenuItemInfoW
GetMenu
GetMenuItemInfoW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsIconic
DestroyIcon
LoadImageW
GetSysColor
SetCursor
ShowCursor
ShowWindow
OpenClipboard
CreateWindowExW
GetMessageW
ScreenToClient
SetCursorPos
DispatchMessageW
ClientToScreen
GetProcessDefaultLayout
GetDesktopWindow
LoadIconW
PostMessageW
SetMenuDefaultItem
InsertMenuW
GetMenuItemID
CheckMenuItem
UpdateWindow
RegisterClassExW
CharNextW
GetClientRect
DestroyWindow
CreateDialogParamW
CheckDlgButton
DrawAnimatedRects
IntersectRect
ModifyMenuW
GetMessagePos
TranslateMessage
TranslateAcceleratorW
LoadAcceleratorsW
SetForegroundWindow
GetLastActivePopup
BringWindowToTop
FindWindowW
LoadStringW
GetWindow
IsDialogMessageW
PeekMessageW
MessageBoxW
CharUpperBuffW
CharUpperW
IsCharAlphaNumericW
wsprintfW
DestroyCaret
SetScrollInfo
GetDC
ReleaseDC
DefWindowProcW
SetWindowLongW
SetDlgItemTextW
SendDlgItemMessageW
GetDlgItem
GetWindowRect
GetSystemMetrics
MoveWindow
MapWindowPoints
SetWindowPos
SetClipboardData
EmptyClipboard
CloseClipboard
InvalidateRect
ScrollWindowEx
SetCaretPos
SetWindowPlacement
KillTimer
CharLowerW

comctl32

ord358
ImageList_SetBkColor
ImageList_Create
ImageList_ReplaceIcon
ord4
ord363
CreateStatusWindowW
ImageList_Destroy
ord365
InitCommonControlsEx
ord340
ord236
ord359
ord329
ord337
ord338
ord334
ord2

comdlg32

GetSaveFileNameW
GetOpenFileNameW
PrintDlgExW

shell32

ShellAboutW
DragQueryFileW
DragFinish

authz

AuthzFreeResourceManager
AuthzAccessCheck
AuthzInitializeContextFromSid
AuthzInitializeResourceManager
AuthzFreeContext

aclui

ord2

ole32

CoCreateInstance
ReleaseStgMedium
CoInitializeEx
CoUninitialize

ulib

?Initialize@ARRAY@@QAEEKK@Z
?Resize@DSTRING@@UAEEK@Z
??1DSTRING@@UAE@XZ
?NewBuf@DSTRING@@UAEEK@Z
??1OBJECT@@UAE@XZ
?Initialize@WSTRING@@QAEEPBGK@Z
?Compare@OBJECT@@UBEJPBV1@@Z
??0DSTRING@@QAE@XZ
??0ARRAY@@QAE@XZ
?Initialize@WSTRING@@QAEEPBV1@KK@Z
??0OBJECT@@IAE@XZ
?Strcat@WSTRING@@QAEEPBV1@@Z

clb

ClbSetColumnWidths
ClbAddData

ntdll

RtlFreeHeap
RtlAllocateHeap

shlwapi

PathAppendW

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ad7234ec1e824d4e35891528b1f95fef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

gdi32

user32

comctl32

comdlg32

shell32

authz

aclui

ole32

ulib

clb

ntdll

shlwapi

Sections

.text Size: 87KB - Virtual size: 86KB

.data Size: 1024B - Virtual size: 259KB

.rsrc Size: 79KB - Virtual size: 80KB

.text
Size: 87KB - Virtual size: 86KB

.data
Size: 1024B - Virtual size: 259KB

.rsrc
Size: 79KB - Virtual size: 80KB