d3c9fb925cc60b34166711d806f34592b333e3555d30a8957e89d08771768870

Sharing

Copy URL Twitter E-mail

General

Target

d3c9fb925cc60b34166711d806f34592b333e3555d30a8957e89d08771768870
Size

43KB
MD5

0c054d512ebfcdade1a7ba714bfcf15f
SHA1

26a8e96a5869dde53c2a731faa46e4e6d05c02f7
SHA256

d3c9fb925cc60b34166711d806f34592b333e3555d30a8957e89d08771768870
SHA512

43f20ffc30d514182d8ab81859339a8d20b8ca4f40787d9745408e7a595b5152bf73ff984ae9d69ce88cacba7e2b8c2fbf68bc5782986eb4209374e9229cab9e
SSDEEP

768:3kPCnFY+CynO+svwSkhmN8A8Yqrh8tW8hJJdcMyi+y+YksHZC:UPCnOZVvwSkhmm1YqrC7vcMyi+yHHZC

Score

N/A

Malware Config

Signatures

Files

d3c9fb925cc60b34166711d806f34592b333e3555d30a8957e89d08771768870
.exe windows x86

8e13bd02067692c9ef445bfa63780e89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
ExitProcess
GetACP
GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
SetThreadPriority
DisableThreadLibraryCalls
CreateProcessA
CreateConsoleScreenBuffer
CommConfigDialogA
SetCommMask
GetConsoleProcessList
GetProcessWorkingSetSize

ole32

CreateFileMoniker
FreePropVariantArray
CoGetInterceptor
IsValidIid
HACCEL_UserMarshal

gdiplus

GdipCreatePathGradient
GdipSetPenTransform
GdipRotateMatrix
GdipWindingModeOutline
GdipMultiplyPenTransform
GdipSetAdjustableArrowCapFillState
GdipCreatePath
GdipGetBrushType

advapi32

ConvertSDToStringSDRootDomainW
LsaEnumerateTrustedDomains
ConvertStringSidToSidA
IsValidAcl
ConvertToAutoInheritPrivateObjectSecurity
ElfDeregisterEventSource
RegQueryMultipleValuesA
OpenBackupEventLogA

shlwapi

SHQueryInfoKeyA
SHDeleteEmptyKeyA
PathRemoveFileSpecA

user32

EnumPropsExA
LoadStringA
DefDlgProcW
CreateDialogParamA
InvertRect

oleaut32

VarCyMulI4
VarR4FromStr
VarR8FromUI2
VarUI2FromI8

gdi32

SetICMMode
GetTextAlign
SetEnhMetaFileBits
SetLayout
SetPaletteEntries
ExtCreatePen
GetCharWidthFloatA

version

VerInstallFileA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e13bd02067692c9ef445bfa63780e89

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

gdiplus

advapi32

shlwapi

user32

oleaut32

gdi32

version

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 10KB