18b0e9ae5ad09c9dd02b34a93b1bfc61eb04cdab88e4fed5b88f009a06851db0

Sharing

Copy URL

Twitter E-mail

General

Target

18b0e9ae5ad09c9dd02b34a93b1bfc61eb04cdab88e4fed5b88f009a06851db0
Size

70KB
MD5

6d2731431714a8e1cd92443c9a3c180d
SHA1

6839befe1a89667ad80299ba4ad526e8f3f9b1bc
SHA256

18b0e9ae5ad09c9dd02b34a93b1bfc61eb04cdab88e4fed5b88f009a06851db0
SHA512

350df5777a8e57c630a2cb1615f39be498bb8e4a5b83959f4f4cc62a72c2f94febf8f0658ac5b2b7ec2c1edf4d3649bc5bc4766bbd2644c10d7290ec68d1d0bb
SSDEEP

1536:QIbvO2TgylH7mEUPnFeU7JQ9wAMlDO5gXcEGPCMhS3:/bWqfH7cfF777AMoEGm3

Score

N/A

Malware Config

Signatures

Files

18b0e9ae5ad09c9dd02b34a93b1bfc61eb04cdab88e4fed5b88f009a06851db0
.exe windows x86

3dd27bc15df2286167f078ee9926935b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

modemui

drvCommConfigDialogA
CountryRunOnce
drvGetDefaultCommConfigA

msimg32

vSetDdrawflag
TransparentBlt
GradientFill
AlphaBlend

shlwapi

UrlCombineA
UrlIsNoHistoryW
UrlUnescapeA
UrlCanonicalizeA
UrlHashA
UrlEscapeA
UrlIsOpaqueA
PathCombineA
UrlCreateFromPathA
UrlIsA
PathCompactPathA

user32

IsDialogMessageA
DrawIcon
DialogBoxParamA
LoadCursorA
GetWindowLongA
GetPropA
GetCaretPos
LoadImageA
PostMessageA
IsWindow
SetCursorPos
DispatchMessageA

advapi32

ControlService
RegEnumValueA
IsValidSid
RegFlushKey
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA
RegCloseKey
IsTextUnicode
RegQueryValueA
CreateServiceA
InitializeSid
IsValidSecurityDescriptor
ClearEventLogA
RegDeleteValueA

nddeapi

NDdeShareAddA
NDdeShareSetInfoA
NDdeShareGetInfoA

kernel32

GetGeoInfoA
ReadFile
GetConsoleTitleA
GetModuleHandleA
GetPrivateProfileIntA
GetDateFormatA
GetProcessId
FormatMessageA
lstrcpynA
HeapValidate
GetStringTypeA
DeviceIoControl
GetBinaryTypeW
GetPrivateProfileStructW
VirtualAllocEx
GetComputerNameA
SetFilePointer
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentProcess
WaitForSingleObject
GetNumberFormatW
GetTimeFormatA
GetVersionExA
CloseHandle
GetProcessHeap
CreateDirectoryA
GetFullPathNameA
CreateNamedPipeA

certcli

CAEnumFirstCA
CACloseCA
CADeleteCA
CACloseCertType

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 881B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dd27bc15df2286167f078ee9926935b

Headers

DLL Characteristics

File Characteristics

Imports

modemui

msimg32

shlwapi

user32

advapi32

nddeapi

kernel32

certcli

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 881B

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 881B

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 10KB - Virtual size: 10KB