2f8208b5fd89f7b244427281723b8dc4e4af9911f4e364cd8c0df472ccbec3ce

General

Target

2f8208b5fd89f7b244427281723b8dc4e4af9911f4e364cd8c0df472ccbec3ce
Size

56KB
MD5

62d6389b4a6168c4630f8dcefcb8ae71
SHA1

a0889a6e9a6157762d5c054b5df1c07550e8a47d
SHA256

2f8208b5fd89f7b244427281723b8dc4e4af9911f4e364cd8c0df472ccbec3ce
SHA512

ab70c3ccd1b99e363e49f6bfbdd1f0d069e303199cd8167507bd0b156aed1d7720d1a7c7fa2a0795f9930d9f99ce3a17d8835c9f06416947df05ff088ced4844
SSDEEP

768:UFr9dobeYSm06ojko+SvHOQ/abTs8/VGd4Bq3yCcYNVEKESuTgnyQfHCXBl5IIIQ:UFZKT+WQGTs8te4XHm9uiyoUNlSQMOT

Score

N/A

Malware Config

Signatures

Files

2f8208b5fd89f7b244427281723b8dc4e4af9911f4e364cd8c0df472ccbec3ce
.exe windows x86

59aa0c8f275789b1f39f13c64267d6b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSQueryUserToken
WTSWaitSystemEvent
WTSFreeMemory
WTSLogoffSession
WTSVirtualChannelRead
WTSVirtualChannelClose
WTSVirtualChannelWrite
WTSRegisterSessionNotification
WTSEnumerateServersA
WTSSetUserConfigA
WTSSendMessageA
WTSVirtualChannelOpen
WTSQuerySessionInformationA
WTSVirtualChannelPurgeInput
WTSEnumerateProcessesA
WTSUnRegisterSessionNotification

kernel32

SearchPathW
CreateWaitableTimerA
GetLogicalDriveStringsA
lstrcpynW
WaitForSingleObjectEx
CompareStringA
DeviceIoControl
lstrcmpA
InitializeCriticalSection
SetErrorMode
GetEnvironmentVariableA
GetLocaleInfoW
FindFirstFileW
GetLocalTime
GetTickCount
QueryDosDeviceW
DeleteFileA
GetModuleHandleA
FileTimeToSystemTime
GetProcAddress
GetACP
CreateMutexA

user32

DrawIcon
CharToOemA
DialogBoxParamW
DispatchMessageW
MessageBoxW
DefDlgProcA
GetMessageA
PeekMessageW
LoadStringA
PostMessageW
LoadImageA
LoadBitmapA

ctl3d32

Ctl3dRegister
Ctl3dUnregister
Ctl3dGetVer
Ctl3dEnabled

dsprop

ErrMsgParam
CrackName
ErrMsg
FindSheet
CheckADsError

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59aa0c8f275789b1f39f13c64267d6b2

Headers

File Characteristics

Imports

wtsapi32

kernel32

user32

ctl3d32

dsprop

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 20KB - Virtual size: 19KB