d119babfd04596cdae407a1642d4713d566e601c6d2d096215fed02a8d14a7aa

Sharing

Copy URL

Twitter E-mail

General

Target

d119babfd04596cdae407a1642d4713d566e601c6d2d096215fed02a8d14a7aa
Size

168KB
MD5

ddca4d55e0b4c7e729f2a27721f6f957
SHA1

7e48c9dc3e44db4e7a72eb01f3f57c8866c7946c
SHA256

d119babfd04596cdae407a1642d4713d566e601c6d2d096215fed02a8d14a7aa
SHA512

ec1bda515bd0ab60f86d0976dec365b2cc3def12c4a9d381851213ad139c807addc883851a1bb548943f5b35dc7222ea7ecbdbbe30338a053bc5c8e507b2a6ab
SSDEEP

3072:FgW1Bd+9OdyRRGqUXyKKihqwk+mN4vHBbkjuWnHqNI8XKvu+TJ:FDPd+95e9K5d+maHpkjucHqHqJ

Score

N/A

Malware Config

Signatures

Files

d119babfd04596cdae407a1642d4713d566e601c6d2d096215fed02a8d14a7aa
.exe windows x86

205fa1d09da3d86afda4bde69fd3dd1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InflateRect
SetForegroundWindow
ScrollWindowEx
EnableMenuItem
DialogBoxParamW
ChildWindowFromPoint
EndPaint
ReleaseDC
GetScrollInfo
OffsetRect
GetClientRect
LoadCursorW
SetWindowLongW
EnumChildWindows
SetFocus
MoveWindow
SetWindowPos
GetWindowTextW
GetKeyState
MapWindowPoints
IsDlgButtonChecked
SetWindowTextA
IsIconic
GetWindowPlacement
BeginPaint
DialogBoxIndirectParamW
ScreenToClient
DeferWindowPos
SetActiveWindow
PostMessageW
CreateWindowExW
CheckMenuItem
LoadImageW
DestroyWindow
GetClassNameW
IsDialogMessageW
SetClipboardData
RegisterWindowMessageW
GetWindowRect
ShowWindow
ReleaseCapture
GetActiveWindow
SendMessageW
SetTimer
UnionRect
GetPropW
LoadStringW
FillRect
DestroyAcceleratorTable
IntersectRect
GetSysColor
GetParent
GetClassLongW
GetSystemMetrics
IsWindowEnabled
SetCapture
DrawIconEx
GetMenu
KillTimer
DrawFrameControl
GetSysColorBrush
IsZoomed
SetCursor
GetSubMenu
GetDC
GetGuiResources
GetWindowLongW
OpenClipboard
GetIconInfo
InSendMessageEx
IsChild
DrawFocusRect
GetWindowDC
GetScrollPos
SetMessageExtraInfo
RedrawWindow
MapVirtualKeyW
GetMessageExtraInfo
HiliteMenuItem
RealChildWindowFromPoint
EnableWindow
GetNextDlgGroupItem
EndDeferWindowPos

comdlg32

PrintDlgW
FindTextW
GetOpenFileNameW
ChooseFontW

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteExW
SHGetFileInfoW

ole32

CoInitialize

advapi32

FreeSid
RegQueryValueExA
OpenProcessToken
AllocateAndInitializeSid
AdjustTokenPrivileges
CloseServiceHandle
RegSetValueExW
RegOpenKeyW
GetTokenInformation
RegCloseKey
RegOpenKeyExW
RegCreateKeyW
RegQueryValueExW
EqualSid

gdi32

GetBkColor
EndPage
DeleteDC
Polyline
FrameRgn
GetDeviceCaps
EndDoc
SetBkMode
CreateFontW
SelectClipRgn
CreateFontIndirectW
DeleteObject
CombineRgn
CreateSolidBrush
GetTextMetricsW
CreateRectRgnIndirect
GetStockObject
SetTextColor
GetObjectW
StartDocW
Polygon

comctl32

InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_DrawEx

version

GetFileVersionInfoW
VerQueryValueW

kernel32

GetOverlappedResult
CloseHandle
GetConsoleMode
GetFileInformationByHandle
GetCurrentProcessId
Module32FirstW
lstrlenA
GetNativeSystemInfo
SetLastError
GlobalFree
SetEndOfFile
RaiseException
ExitProcess
Process32NextW
GetCurrentProcess
MultiByteToWideChar
LeaveCriticalSection
LocalAlloc
QueryPerformanceFrequency
CreateFileMappingW
InterlockedDecrement
ExpandEnvironmentStringsA
IsDebuggerPresent
SizeofResource
WriteConsoleA
FreeEnvironmentStringsA
CompareStringW
LockResource
SetEnvironmentVariableA
CompareStringA
GetStartupInfoA
GetFileAttributesW
FreeEnvironmentStringsW
VirtualFree
Thread32Next
TlsFree
FindClose
ExitThread
FileTimeToSystemTime
VirtualProtectEx
GetTickCount
SetProcessWorkingSetSize
WriteConsoleW
GetStdHandle
Thread32First
HeapCreate
EnterCriticalSection
TerminateProcess
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
HeapAlloc
HeapReAlloc
RtlUnwind
HeapSize
GlobalUnlock
GetFileSize
QueryPerformanceCounter
FormatMessageW
GetSystemTimeAsFileTime
FreeLibrary
DeleteFileW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
WriteFile
GetModuleFileNameA
WideCharToMultiByte
SetHandleCount
DeleteCriticalSection
TlsGetValue
TlsAlloc
InterlockedIncrement
LocalFree
GetCurrentThreadId
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTempPathA
GetFileType
SetFileValidData
GlobalWire
ReplaceFileA
SetFilePointerEx
FreeResource
GetFileAttributesExW
TransmitCommChar
CancelWaitableTimer
GlobalUnWire
UnlockFileEx
GetFileSizeEx
FindVolumeClose
GetAtomNameW
GlobalCompact
VirtualAlloc
SetFileApisToOEM
GetDevicePowerState
FlushFileBuffers
UnmapViewOfFile
CreateProcessW
CreateNamedPipeW
GetLocaleInfoA
Module32NextW
HeapFree
GlobalLock
ExpandEnvironmentStringsW
GetCommandLineW
GlobalAddAtomW
GetOEMCP
GetLastError
GetCurrentDirectoryW
CreateToolhelp32Snapshot
GetEnvironmentStringsW
WaitForSingleObject
TlsSetValue
FileTimeToLocalFileTime
LCMapStringA
GetModuleFileNameW
SetFilePointer
SetCurrentDirectoryW
GetCommandLineA
GetProcAddress
GetEnvironmentStrings
IsValidCodePage
CreateFileW
ResumeThread

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

205fa1d09da3d86afda4bde69fd3dd1d

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

shell32

ole32

advapi32

gdi32

comctl32

version

kernel32

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 6KB - Virtual size: 100KB

.rsrc Size: 88KB - Virtual size: 87KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 6KB - Virtual size: 100KB

.rsrc
Size: 88KB - Virtual size: 87KB