d4dbebaacb9b61074550eeaaa3eec1cbbf56bfbf468619fcb7e97db1f6ccfdd8

Sharing

Copy URL

Twitter E-mail

General

Target

d4dbebaacb9b61074550eeaaa3eec1cbbf56bfbf468619fcb7e97db1f6ccfdd8
Size

140KB
MD5

b4137eb1e881b832b53ebf97bc08a8f7
SHA1

4d07296db420da0408f95486e42e1b79d10c8b98
SHA256

d4dbebaacb9b61074550eeaaa3eec1cbbf56bfbf468619fcb7e97db1f6ccfdd8
SHA512

b8399204d71cca95819470f0b7a239d0aab863457089b082f092cc8c7f7e1b48b53b37d3568d8794c62feef0e5df62c1579dc0b97e9ec06f9236c82551bd2103
SSDEEP

3072:JHxUcp+lH3DZn4UfLufsKa3dOk0X7XpNjAoOpys8cZC39wU85JrR:zl+lXDZJfLufs73dOk0XDpNjNOpys8UH

Score

N/A

Malware Config

Signatures

Files

d4dbebaacb9b61074550eeaaa3eec1cbbf56bfbf468619fcb7e97db1f6ccfdd8
.exe windows x86

6a2fc8d37b8a0d3e10059a4768a803d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsncpy
wcslen
wcscat
iswprint
_purecall
iswctype
wcscmp
wcschr
wcsncmp
wcsrchr
swprintf
wcscpy
memmove

advapi32

RegQueryValueExA
RegOpenKeyExA
InitializeSecurityDescriptor
RegDeleteKeyW
InitializeAcl
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetInheritanceSourceW
LookupAccountSidW
GetSidSubAuthorityCount
RegCloseKey
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegEnumValueW
RegDeleteValueW
RegEnumKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegUnLoadKeyW
RegLoadKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegConnectRegistryW
RegRestoreKeyW
RegSaveKeyW
RegFlushKey
RegSetValueW
RegSetValueExA
MapGenericMask
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityInfo
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetSecurityDescriptorControl
GetSidSubAuthority

kernel32

MulDiv
LoadLibraryW
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemDefaultLCID
GetDateFormatW
GetTimeFormatW
ExitProcess
SearchPathW
GetFileSize
SetFilePointer
GetLastError
OutputDebugStringW
CreateFileW
WideCharToMultiByte
WriteFile
DeleteFileW
ReadFile
MultiByteToWideChar
lstrcmpW
FormatMessageW
GetThreadLocale
GetModuleHandleW
lstrcpynW
GetCommandLineW
GetProcessHeap
LocalAlloc
GetCurrentProcess
CloseHandle
LocalFree
GetComputerNameW
lstrcmpiW
lstrlenW
lstrcpyW
LocalReAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
GetProcAddress
lstrcatW
LoadLibraryA

gdi32

SetBkColor
GetStockObject
SetAbortProc
StartDocW
StartPage
SetViewportOrgEx
EndPage
EndDoc
AbortDoc
DeleteDC
CreateBitmap
CreatePatternBrush
PatBlt
ExcludeClipRect
SelectClipRgn
DeleteObject
SetTextColor
ExtTextOutW
GetDeviceCaps
CreateFontIndirectW
SelectObject
GetTextMetricsW

user32

SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
WinHelpW
EndDialog
GetWindowLongW
EndPaint
BeginPaint
CreateCaret
SetTimer
SetCapture
SetFocus
CharLowerW
MessageBeep
DestroyMenu
TrackPopupMenuEx
IsClipboardFormatAvailable
EnableMenuItem
GetSubMenu
LoadMenuW
GetKeyState
RegisterClassW
LoadCursorW
RegisterClipboardFormatW
CheckRadioButton
SendMessageW
GetWindowTextW
GetParent
GetDlgItemTextW
IsDlgButtonChecked
GetDlgCtrlID
CallWindowProcW
GetWindowTextLengthW
GetDlgItemInt
PostQuitMessage
GetWindowPlacement
SetWindowTextW
EnableWindow
DialogBoxParamW
DrawMenuBar
InsertMenuItemW
DeleteMenu
SetMenuItemInfoW
GetMenu
GetMenuItemInfoW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsIconic
DestroyIcon
LoadImageW
GetSysColor
SetCursor
ShowCursor
ShowWindow
SetWindowPlacement
CreateWindowExW
GetProcessDefaultLayout
GetMessageW
ScreenToClient
SetCursorPos
DispatchMessageW
ClientToScreen
GetDesktopWindow
LoadIconW
PostMessageW
SetMenuDefaultItem
InsertMenuW
GetMenuItemID
CheckMenuItem
UpdateWindow
RegisterClassExW
CharNextW
GetClientRect
DestroyWindow
CreateDialogParamW
CheckDlgButton
DrawAnimatedRects
IntersectRect
ModifyMenuW
GetMessagePos
TranslateMessage
TranslateAcceleratorW
LoadAcceleratorsW
SetForegroundWindow
GetLastActivePopup
BringWindowToTop
FindWindowW
LoadStringW
GetWindow
IsDialogMessageW
PeekMessageW
MessageBoxW
CharUpperBuffW
CharUpperW
IsCharAlphaNumericW
CloseClipboard
InvalidateRect
HideCaret
ShowCaret
ScrollWindowEx
SetCaretPos
KillTimer
ReleaseCapture
DestroyCaret
wsprintfW
GetDC
ReleaseDC
DefWindowProcW
SetWindowLongW
SetDlgItemTextW
SendDlgItemMessageW
GetDlgItem
GetWindowRect
GetSystemMetrics
MoveWindow
MapWindowPoints
SetWindowPos
SetScrollInfo

comctl32

ord4
ord2
ord358
ImageList_Destroy
ord359
CreateStatusWindowW
ord329
ord337
ord338
ord334
ord236
ord340
InitCommonControlsEx
ord365
ImageList_SetBkColor
ord363
ImageList_Create
ImageList_ReplaceIcon

comdlg32

GetSaveFileNameW
GetOpenFileNameW
PrintDlgExW

shell32

DragQueryFileW
DragFinish
ShellAboutW

authz

AuthzFreeResourceManager
AuthzFreeContext
AuthzAccessCheck
AuthzInitializeResourceManager
AuthzInitializeContextFromSid

aclui

ord2

ole32

CoCreateInstance
ReleaseStgMedium
CoInitializeEx
CoUninitialize

ulib

?Resize@DSTRING@@UAEEK@Z
?Initialize@ARRAY@@QAEEKK@Z
?NewBuf@DSTRING@@UAEEK@Z
??1DSTRING@@UAE@XZ
??1OBJECT@@UAE@XZ
??0OBJECT@@IAE@XZ
?Compare@OBJECT@@UBEJPBV1@@Z
??0DSTRING@@QAE@XZ
?Initialize@WSTRING@@QAEEPBV1@KK@Z
??0ARRAY@@QAE@XZ
?Initialize@WSTRING@@QAEEPBGK@Z
?Strcat@WSTRING@@QAEEPBV1@@Z

clb

ClbSetColumnWidths
ClbAddData

ntdll

RtlFreeHeap
RtlAllocateHeap

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6a2fc8d37b8a0d3e10059a4768a803d7

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

comctl32

comdlg32

shell32

authz

aclui

ole32

ulib

clb

ntdll

Sections

.text Size: 83KB - Virtual size: 82KB

.data Size: 512B - Virtual size: 259KB

.rsrc Size: 56KB - Virtual size: 74KB

.text
Size: 83KB - Virtual size: 82KB

.data
Size: 512B - Virtual size: 259KB

.rsrc
Size: 56KB - Virtual size: 74KB