7c384fbfe71fb575b1a9ad99e758e69d324c95acb1272fd4de733bcf2d33752e

Sharing

Copy URL

Twitter E-mail

General

Target

7c384fbfe71fb575b1a9ad99e758e69d324c95acb1272fd4de733bcf2d33752e
Size

289KB
MD5

9b84232764e8293ad28d4a42c84e9c74
SHA1

0ea7146defded1d87bfac365a3036477bf5fd592
SHA256

7c384fbfe71fb575b1a9ad99e758e69d324c95acb1272fd4de733bcf2d33752e
SHA512

e295a7786f6e09fa0a4a3ff28298c62097dc15626b686ec5a0c545c697ffef54995b9c2dcbac1fe2a8d5f3f93974386e11fdc4e6c02cbbf6d55d9c82e3f7b9f1
SSDEEP

6144:c9EfghSPgdnSYLCLJcOh0+iqz71hQEK9t5/gesc05u3EMZV3EHN2tlH:clSSSYLCCE05SHa5lscSuUwVgEtV

Score

N/A

Malware Config

Signatures

Files

7c384fbfe71fb575b1a9ad99e758e69d324c95acb1272fd4de733bcf2d33752e
.exe windows x86

0bffdc45a16ed8cb911415a79dcfd182

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
ShellExecuteW
SHBrowseForFolderW

ole32

OleInitialize
CoTaskMemFree
CoCreateInstance
OleUninitialize

advapi32

RegDeleteValueW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW
RegEnumKeyW
RegOpenKeyExW

gdi32

SetTextColor
DeleteObject
SetBkMode
CreateFontIndirectW
SelectObject
GetDeviceCaps
SetBkColor
GetStockObject
GetTextExtentPoint32W

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

InitializeCriticalSectionAndSpinCount
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
RemoveDirectoryW
FreeResource
ResetEvent
IsSystemResumeAutomatic
GetTapeStatus
SetHandleInformation
AssignProcessToJobObject
GetFileAttributesExW
GetExitCodeProcess
IsProcessInJob
LockResource
SetLastError
GetThreadSelectorEntry
FlushFileBuffers
GetModuleFileNameA
SetHandleCount
ClearCommBreak
SetMessageWaitingIndicator
GetProcessHeap
RequestWakeupLatency
GetProcessIoCounters
CreateFileMappingW
SetSystemTimeAdjustment
GetCommTimeouts
GetCommandLineW
GlobalDeleteAtom
GetNamedPipeHandleStateW
ReplaceFileA
DecodePointer
EscapeCommFunction
MulDiv
GetThreadIOPendingFlag
GetLogicalDrives
GetWriteWatch
ReleaseMutex
InitAtomTable
GetNamedPipeHandleStateA
DeleteAtom
SetMailslotInfo
GetCurrentProcess
OpenProcess
GetProcessPriorityBoost
QueueUserAPC
lstrcpynA
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
MultiByteToWideChar
ReadFile
WriteFile
lstrlenA
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GlobalFree
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsW
lstrcmpW
lstrcmpiW
lstrcmpA
lstrcpyA
GetVersion
GetSystemDirectoryW
GetVersionExW
lstrcpyW
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcatW
GetTempFileNameW
lstrcmpiA
CreateProcessW
LoadLibraryW
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
lstrcpynW
lstrlenW
CloseHandle
SetErrorMode
GetTempPathW
GetWindowsDirectoryW
ExitProcess
CopyFileW
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
CreateDirectoryW
GetLastError
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
GetCommandLineA
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bffdc45a16ed8cb911415a79dcfd182

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

gdi32

version

kernel32

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 213KB - Virtual size: 212KB

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 213KB - Virtual size: 212KB