7a8a869effcff38acef65926ddb5a2753f563ad36ff42a1b0287f5da78c6fea9

Sharing

Copy URL Twitter E-mail

General

Target

7a8a869effcff38acef65926ddb5a2753f563ad36ff42a1b0287f5da78c6fea9
Size

91KB
MD5

4fc96263d1c5145a0f72f84e3be6f55f
SHA1

40c13d941c8ba696c39fefe553f5f1a3d853b549
SHA256

7a8a869effcff38acef65926ddb5a2753f563ad36ff42a1b0287f5da78c6fea9
SHA512

fa8abcd7eb32d935a4cd3ec12ea4deb6a35168c494533b4aa87a672b563674d16794ff6c8e231dc1ec117f253f60e6496a6b29483e1b3ba25bf4a8d7fa07838b
SSDEEP

1536:kY8s9Woiwb6NTDCDo6ZrDbuKue77PV9Fy0HT1yvEOoBsCg:+oMDCc65bu9y7V9Y0HJRBsR

Score

N/A

Malware Config

Signatures

Files

7a8a869effcff38acef65926ddb5a2753f563ad36ff42a1b0287f5da78c6fea9
.exe windows x86

de7892e97437d6d0f8ddb1adc21de6db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
CoCreateInstance
StringFromCLSID
StringFromGUID2
CoGetMalloc
CLSIDFromProgID
CLSIDFromString

user32

EnableWindow
GetClientRect
GetDlgItem
GetFocus
GetParent
GetSysColor
GetSystemMetrics
GetWindowLongW
IsCharAlphaNumericW
IsCharAlphaW
IsWindowEnabled
LoadIconW
LoadStringW
MessageBoxW
PostMessageW
SendDlgItemMessageW
SendMessageW
SetFocus
SetWindowLongW
ShowWindow
WinHelpW
wsprintfW

kernel32

DisableThreadLibraryCalls
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
LocalAlloc
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrcatW
lstrcpyW
lstrlenA
lstrlenW

ntdll

NtClose
NtCreateSymbolicLinkObject
NtDuplicateObject
NtDuplicateToken
NtMakePermanentObject
NtMakeTemporaryObject
NtOpenProcessToken
NtOpenSymbolicLinkObject
NtQueryInformationProcess
NtQueryInformationToken
NtQuerySymbolicLinkObject
NtQuerySystemInformation
NtSetInformationThread
RtlAddAccessAllowedAce
RtlAllocateAndInitializeSid
RtlAllocateHeap
RtlCopyLuid
RtlCreateAcl
RtlCreateSecurityDescriptor
RtlDeleteCriticalSection
RtlEnterCriticalSection
RtlEqualSid
RtlFreeHeap
RtlFreeSid
RtlInitUnicodeString
RtlInitializeCriticalSection
RtlInitializeSid
RtlLeaveCriticalSection
RtlLengthRequiredSid
RtlLengthSid
RtlNtStatusToDosError
RtlOpenCurrentUser
RtlQueryEnvironmentVariable_U
RtlSetDaclSecurityDescriptor
RtlSetEnvironmentVariable
RtlSubAuthoritySid
VerSetConditionMask

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

comctl32

PropertySheetW
CreatePropertySheetPageW
InitCommonControlsEx

shell32

SHChangeNotify
SHGetMalloc
SHGetSpecialFolderLocation

gdi32

DeleteDC
DeleteObject
BitBlt
ExtTextOutW
GetDeviceCaps
CreateCompatibleDC
RealizePalette
SelectObject
SelectPalette
SetBkColor
SetTextColor
StretchBlt
CreateSolidBrush

Sections

.text
Size: 4KB - Virtual size: 796B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 482B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de7892e97437d6d0f8ddb1adc21de6db

Headers

DLL Characteristics

File Characteristics

Imports

ole32

user32

kernel32

ntdll

advapi32

comctl32

shell32

gdi32

Sections

.text Size: 4KB - Virtual size: 796B

.rdata Size: 4KB - Virtual size: 482B

.data Size: 68KB - Virtual size: 68KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 4KB - Virtual size: 796B

.rdata
Size: 4KB - Virtual size: 482B

.data
Size: 68KB - Virtual size: 68KB

.rsrc
Size: 12KB - Virtual size: 12KB