b5dd6e8288017f4988f8b8d5738546b9ef90837b47be912c86bfa66d65d65dbd

Sharing

Copy URL

Twitter E-mail

General

Target

b5dd6e8288017f4988f8b8d5738546b9ef90837b47be912c86bfa66d65d65dbd
Size

691KB
MD5

2b62cdb6bcec4bff47eff437e4fc46d3
SHA1

c69586cd9813701974a65a9025383c56a0b5f306
SHA256

b5dd6e8288017f4988f8b8d5738546b9ef90837b47be912c86bfa66d65d65dbd
SHA512

902e67858db24b95ed0f0a4457348b246d49350cd9416bc71b8b256f71791fe4491293b4853028cb7a6f09a80333835919277ab9b40e393cff84526156262dbd
SSDEEP

12288:+ti86TibqhI6FhRJmYFrM9MizFXQ1jUWVH65adhEyHvNuGkvdMIEq3QusHP:+0PTCmI62YFrMpXCjUWVAdyHVuGkvdMr

Score

N/A

Malware Config

Signatures

Files

b5dd6e8288017f4988f8b8d5738546b9ef90837b47be912c86bfa66d65d65dbd
.exe windows x86

b78de9e072e13f0b9dc0d5c178e633c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCommonPrefixA
UrlCanonicalizeA
UrlUnescapeA
UrlCombineA
PathCompactPathA
UrlHashA
UrlGetPartA
UrlCompareA
UrlIsA
UrlCreateFromPathA
UrlGetLocationA

user32

DispatchMessageA
CreateWindowExA
DrawIcon
SetCursorPos
GetCaretPos
GetWindowLongA
CharToOemA
IsDialogMessageA
LoadCursorA
IsWindow
GetWindowTextA
PostMessageA
LoadImageA
PeekMessageA
wsprintfA

kernel32

GetStringTypeA
lstrcmpiA
GetFullPathNameA
ReadFile
CreateDirectoryA
CloseHandle
GetPrivateProfileIntA
GetSystemTimeAsFileTime
SetEnvironmentVariableW
CompareStringA
GetProcessId
GetNumberFormatW
GetAtomNameA
GetBinaryTypeA
ReadConsoleA
WaitForSingleObject
SetFilePointer
GetTickCount
GetModuleHandleA
GetCurrentProcess
WriteConsoleA
FormatMessageA
GetPrivateProfileSectionA
CreateNamedPipeA
lstrcpynA
VirtualAllocEx
UpdateResourceA
GetGeoInfoA

nddeapi

NDdeShareGetInfoA
NDdeShareDelA
NDdeShareAddA
NDdeShareSetInfoA
NDdeShareEnumA

wtsapi32

WTSSendMessageA
WTSVirtualChannelPurgeInput
WTSEnumerateSessionsW
WTSVirtualChannelQuery
WTSVirtualChannelClose
WTSWaitSystemEvent
WTSUnRegisterSessionNotification
WTSEnumerateServersA
WTSRegisterSessionNotification
WTSSetUserConfigW
WTSSetSessionInformationW
WTSQuerySessionInformationA
WTSOpenServerW
WTSQueryUserToken
WTSVirtualChannelOpen
WTSLogoffSession
WTSVirtualChannelWrite

certcli

CADeleteCA
CACloseCA

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 665KB - Virtual size: 665KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b78de9e072e13f0b9dc0d5c178e633c4

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

user32

kernel32

nddeapi

wtsapi32

certcli

Sections

.text Size: 22KB - Virtual size: 21KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 665KB - Virtual size: 665KB

.text
Size: 22KB - Virtual size: 21KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 665KB - Virtual size: 665KB