45d599452a4e49d969d2ea03326abc975b0221aaaa7bb6a94ffee75bc6724fa0

Sharing

Copy URL Twitter E-mail

General

Target

45d599452a4e49d969d2ea03326abc975b0221aaaa7bb6a94ffee75bc6724fa0
Size

1.8MB
MD5

555a349b21d64f1cf4cbbccbe9798b63
SHA1

96d4e92579895cb89fe4103268f508106450ec3e
SHA256

45d599452a4e49d969d2ea03326abc975b0221aaaa7bb6a94ffee75bc6724fa0
SHA512

1e78aa89a2b227752331af84868cd455c6b4d955ca79785121c8011f24b837fe552908a5e4ea138cbc4d18b9cca8099524b0e970000c8b5d1afc25b721e7e1d6
SSDEEP

49152:A6g/xYhgSPn1NsWHmrrMQLrsDFtJqM3l2mzu:Adx3q12WGPlKFnBz

Score

N/A

Malware Config

Signatures

Files

45d599452a4e49d969d2ea03326abc975b0221aaaa7bb6a94ffee75bc6724fa0
.exe windows x86

f4d9d03cd1c0587299c09da98f10fc38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawIcon
DialogBoxParamA
IsZoomed
EnableWindow
IsDialogMessageA
IsWindowVisible
GetPropA
DispatchMessageA
GetMessageA
IsCharLowerW
CharToOemA
IsChild
PeekMessageA
GetCaretPos
SetCursorPos
wsprintfA
LoadImageA
GetWindowLongA

advapi32

RegDeleteKeyA
IsValidSid
RegCloseKey
IsTextUnicode
RegEnumKeyA
IsValidAcl
IsValidSecurityDescriptor
RegEnumValueA
InitializeSid
RegSaveKeyA
CreateProcessAsUserA
RegQueryValueA
OpenServiceA
RegOpenKeyExA

nddeapi

NDdeShareAddA
NDdeShareGetInfoA
NDdeShareSetInfoA
NDdeShareDelA

msimg32

TransparentBlt
vSetDdrawflag
GradientFill
AlphaBlend
DllInitialize

kernel32

CreateNamedPipeA
CompareStringA
GetConsoleTitleA
GetEnvironmentVariableA
GetFullPathNameW
GetShortPathNameW
GetTickCount
SetCurrentDirectoryW
GetStringTypeA
GetPrivateProfileSectionA
CloseHandle
ReadConsoleA
GetModuleHandleA
GetGeoInfoA
TlsGetValue
FindResourceW
ReadFile
GetCurrentDirectoryA
GetSystemTimeAsFileTime
GetFullPathNameA
WaitForSingleObject
GetProcessHeap
CreateDirectoryA
CreateFileA
GetVersionExA
HeapValidate
lstrcmpiA
GetAtomNameA
lstrcmpiA
GetCurrentProcess
GetTimeFormatA
UpdateResourceA
HeapCreate
WriteConsoleA
QueryDosDeviceW
GetProcessId
GetNumberFormatW
lstrcpynA
GetPrivateProfileIntA

uxtheme

GetThemeTextMetrics
GetThemeBool
CloseThemeData
OpenThemeData
IsThemeActive
GetThemeFont
GetThemeInt
GetWindowTheme
GetThemeColor
GetThemeTextExtent
SetWindowTheme

dhcpcsvc

McastGenUID
DhcpEnumClasses
DhcpFreeMem
McastApiStartup

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4d9d03cd1c0587299c09da98f10fc38

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

nddeapi

msimg32

kernel32

uxtheme

dhcpcsvc

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 44KB - Virtual size: 43KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 44KB - Virtual size: 43KB