b7326b5bcf3afc0e1453520bcb5ed3662152edc5a974ff015fada094a1818519

General

Target

b7326b5bcf3afc0e1453520bcb5ed3662152edc5a974ff015fada094a1818519
Size

544KB
MD5

09400cd1bd529841b14f8a80b2597a8a
SHA1

6e96a737d1bd1bb6962d59212100292483511f09
SHA256

b7326b5bcf3afc0e1453520bcb5ed3662152edc5a974ff015fada094a1818519
SHA512

09bc1dcc6e01e3f6a58f10da6bb7f904aea3fcb25fb88392e2a68eaa51d828abe6a706ce308232611421b14ae26df676ac376576cb9eba011f889f32ae86f621
SSDEEP

12288:7KUAWvvnwKho25POT6Xvw2L9ZG0zwcIlNjGC+B/PuG:AWvvnwooAPHXvw2L9Zrzw3lNSCa

Score

N/A

Malware Config

Signatures

Files

b7326b5bcf3afc0e1453520bcb5ed3662152edc5a974ff015fada094a1818519
.exe windows x86

c0cc4845b404aed0d07f328175ef30ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

uxtheme

DrawThemeEdge
OpenThemeData
DrawThemeBackground
CloseThemeData
GetThemeBool
GetThemeTextMetrics
GetThemeTextExtent
GetWindowTheme
GetThemeEnumValue
SetWindowTheme
GetThemeFont

wtsapi32

WTSQueryUserToken
WTSCloseServer
WTSVirtualChannelRead
WTSQuerySessionInformationA
WTSVirtualChannelWrite
WTSSetSessionInformationA
WTSSendMessageA
WTSWaitSystemEvent
WTSLogoffSession
WTSRegisterSessionNotification
WTSEnumerateSessionsA
WTSQueryUserConfigA
WTSOpenServerA

ntshrui

IsFolderPrivateForUser
IsPathSharedW
GetLocalPathFromNetResourceA
IsPathSharedA

shell32

SHChangeNotify
ExtractIconA
ShellAboutA
DragQueryFileA
SHGetDiskFreeSpaceA
DllUnregisterServer
DragQueryPoint
SHGetMalloc
SHGetDataFromIDListA
SHGetFileInfoA
SHFileOperationA
SHCreateShellItem

msasn1

ASN1BERDecBool
ASN1BERDecEoid
ASN1BERDecNull
ASN1BERDecCharString

kernel32

GetDriveTypeA
GetVolumePathNameA
GetComputerNameA
GetProcessHeap
CreateTimerQueue
OpenMutexA
InitializeCriticalSection
DeviceIoControl
GetModuleFileNameA
CreateMutexA
InterlockedExchange
CreatePipe
GetDiskFreeSpaceA
SetFileAttributesA
FindResourceA
GetAtomNameA
CreateSemaphoreA
GetProcAddress
VirtualQueryEx
CopyFileA
lstrcmpA
lstrcmpiA
GetEnvironmentVariableA
GetLogicalDrives
GetModuleHandleA
CreateNamedPipeA
lstrcpynA
CreateMailslotA
GetFileSize
DisconnectNamedPipe
SetCurrentDirectoryA
GetBinaryTypeA
GetSystemTime

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hdata
Size: 482KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qdata
Size: 19KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c0cc4845b404aed0d07f328175ef30ad

Headers

File Characteristics

Imports

uxtheme

wtsapi32

ntshrui

shell32

msasn1

kernel32

Sections

.text Size: 41KB - Virtual size: 41KB

.hdata Size: 482KB - Virtual size: 482KB

.qdata Size: 19KB - Virtual size: 268KB

.text
Size: 41KB - Virtual size: 41KB

.hdata
Size: 482KB - Virtual size: 482KB

.qdata
Size: 19KB - Virtual size: 268KB