7200adaa46cfc4e583f17a1e968846fdde3cedc33a804beebdbc7821c4d163a4

Sharing

Copy URL Twitter E-mail

General

Target

7200adaa46cfc4e583f17a1e968846fdde3cedc33a804beebdbc7821c4d163a4
Size

254KB
MD5

c14f632fb19e0e31c18a575fbe5762d2
SHA1

4ab0e4fd19b3ff5899fddb997b08ce7f85c833f1
SHA256

7200adaa46cfc4e583f17a1e968846fdde3cedc33a804beebdbc7821c4d163a4
SHA512

5d5022f850f512707e762f1076027960354b38882ab35bdd6104cfc588e8077c994c6391133edf8d4ecf1c0b9ccc03ef5ace37ee43534963153cd19d9758d2a6
SSDEEP

6144:Vqq/vz6QiiehVRHsaiPES/RjUZgFbGbhZdTquUos1r:0avWRuaeESJ7bGFZJUl

Score

N/A

Malware Config

Signatures

Files

7200adaa46cfc4e583f17a1e968846fdde3cedc33a804beebdbc7821c4d163a4
.exe windows x86

6b3bb5d9be584c85da61aa49f1361893

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

TransparentBlt
vSetDdrawflag
AlphaBlend
DllInitialize
GradientFill

rtutils

RouterLogEventW
TraceDeregisterExA
TraceDeregisterExW
TracePutsExA
RouterGetErrorStringW
RouterLogEventExA
TraceDeregisterW
RouterGetErrorStringA
RouterLogDeregisterA
TracePrintfA
RouterLogEventExW
RouterLogEventValistExA
RouterLogEventA
RouterLogDeregisterW
RouterLogEventDataW
RouterLogEventStringW
MprSetupProtocolFree
TraceGetConsoleW
TraceGetConsoleA
RouterLogEventStringA
LogEventA

comctl32

LBItemFromPt
ImageList_Merge
ImageList_GetImageRect
ImageList_GetImageCount

kernel32

lstrcmpA
HeapFree
VirtualAlloc
GetVersion
LoadLibraryA
GetProcessHeap
lstrlenA
GetProcAddress
GetCurrentProcessId
lstrcpynW
GetCurrentProcess
GetConsoleTitleW
HeapAlloc
GetVersionExW

user32

FindWindowW
ReplyMessage
GetClientRect
GetSysColor
GetPriorityClipboardFormat
GetWindowTextA
ChangeMenuA
ReuseDDElParam
LoadMenuA
FindWindowExW
IsWindow
wsprintfA
InsertMenuItemW
GetForegroundWindow
FindWindowA
SetWindowPos
LoadIconA
SendMessageA
PrivateExtractIconExW
SetParent
BringWindowToTop
CloseWindow

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b3bb5d9be584c85da61aa49f1361893

Headers

DLL Characteristics

File Characteristics

Imports

msimg32

rtutils

comctl32

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 184KB - Virtual size: 183KB

.data Size: 14KB - Virtual size: 13KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 1024B - Virtual size: 776B

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 184KB - Virtual size: 183KB

.data
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 1024B - Virtual size: 776B