45ab5d54c71eea1435e7c52b15fdaac5b23d81408d163ec57b26ad518f734d7b

Sharing

Copy URL Twitter E-mail

General

Target

45ab5d54c71eea1435e7c52b15fdaac5b23d81408d163ec57b26ad518f734d7b
Size

221KB
MD5

3c506426c7364901490d78edb49dbc01
SHA1

66a94982e97e71cab437a78d1b995449ed591541
SHA256

45ab5d54c71eea1435e7c52b15fdaac5b23d81408d163ec57b26ad518f734d7b
SHA512

caecd5905d419ef807aaa2fa3a6a65a5abe583012516e1fb3104555a3035e2a8dc3e0584aa8d826f75e5b01d92e5c7a05fb6f94a4ba085cbbf8458611e15c5a0
SSDEEP

3072:ZDmnn7HjG19Ts45CG33AOnsRFXb7gr32vO1:ZDmnn2/f1VSFL7

Score

N/A

Malware Config

Signatures

Files

45ab5d54c71eea1435e7c52b15fdaac5b23d81408d163ec57b26ad518f734d7b
.exe windows x86

6129708c795371141415c4758c30a474

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_mbsrchr
__lconv_init
_mbsinc
_mbschr
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
setlocale
free
_strnicmp
_stricmp
strtoul
_ftol
strncpy
strchr
strrchr
??2@YAPAXI@Z
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
??3@YAXPAX@Z
_wcsicmp
isleadbyte
memmove
towlower
atoi
isspace
strncmp

advapi32

RegOpenKeyA
LookupPrivilegeValueA
OpenProcessToken
LookupAccountSidA
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
RegCloseKey
RegQueryValueExA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegSetValueExA
AdjustTokenPrivileges
RegOpenKeyExA

kernel32

SetFilePointer
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetErrorMode
SetCurrentDirectoryA
GetModuleFileNameA
CloseHandle
GetCurrentProcess
CreateThread
LocalFree
FormatMessageA
LocalAlloc
GetLastError
CreateMutexA
GetVersionExA
DeleteCriticalSection
WaitForSingleObject
lstrlenA
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
CreateFileA
GetCurrentDirectoryA
InitializeCriticalSection
lstrcpyA
GetEnvironmentStrings
HeapFree
HeapAlloc
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
CopyFileA
CreateDirectoryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetEnvironmentVariableA
GetFileAttributesA
lstrcpynA
DeleteFileA
SetFileAttributesA
lstrcatA
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
GetDriveTypeA
ExpandEnvironmentStringsA
LoadLibraryA
FreeLibrary
LoadLibraryExA
DeviceIoControl
TerminateProcess
OpenProcess
FindClose
FindNextFileA
CreateProcessA
lstrcmpA
SetEvent
CreateEventA
ResetEvent
WriteFile
SetCommState
GetCommState
SetCommTimeouts
ReadFile
ExitThread
WaitForMultipleObjects
GetStartupInfoA
DebugBreak
ExitProcess
HeapReAlloc
GetProcessHeap
SetLastError
IsDBCSLeadByte
GetTempFileNameA
GetTempPathA
GetVersion
FindFirstFileA

gdi32

GetDeviceCaps
CreateFontIndirectA
AddFontResourceA

user32

GetClientRect
CopyRect
IsWindow
InvalidateRect
GetSysColor
SendDlgItemMessageA
SetFocus
LoadIconA
SetWindowLongA
RedrawWindow
LoadImageA
GetWindowLongA
GetWindowRect
ScreenToClient
SetWindowPos
ShowWindow
SystemParametersInfoA
GetDC
ReleaseDC
wsprintfA
GetParent
PostMessageA
DialogBoxParamA
EnableWindow
EndDialog
GetDlgItem
SetTimer
EnumChildWindows
CreateWindowExA
FindWindowA
RegisterClassExA
LoadStringA
MessageBoxA
GetMessageA
TranslateMessage
DispatchMessageA
ExitWindowsEx
SendMessageA
SetForegroundWindow
EnumThreadWindows
PostQuitMessage
DefWindowProcA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
SHBrowseForFolderA

ole32

OleUninitialize
OleInitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CoUninitialize

comdlg32

GetOpenFileNameA

comctl32

PropertySheetA
InitCommonControlsEx
CreatePropertySheetPageA

setupapi

SetupOpenAppendInfFileA
SetupOpenInfFileA
SetupCloseInfFile
SetupFindNextLine
SetupGetStringFieldA
SetupGetLineCountA
SetupFindFirstLineA

log

LogReInitA
SuppressAllLogPopups
LogEnd
LogA
LogDeleteOnNextInit
LogBegin

migism

IsmStartTransport
IsmSetRollbackJournalType
IsmDoesRollbackDataExist
IsmPreserveJournal
IsmCanWriteRollbackJournal
IsmTerminate
IsmSetCancel
IsmSave
IsmLoad
IsmRollback
IsmRemoveAllUserSuppliedComponents
IsmSelectMasterGroup
IsmEnumFirstComponent
IsmEnumNextComponent
IsmExecute
IsmRegisterTransport
IsmSelectTransport
IsmSetTransportStorage
IsmSendMessageToApp
IsmAppendEnvironmentMultiSz
IsmSetEnvironmentValue
IsmRegisterProgressBarCallback
IsmIsComponentSelected
IsmSelectComponent
IsmAddComponentAlias
IsmGetTempStorage
IsmDestroyObjectHandle
IsmReleaseMemory
IsmDestroyObjectString
IsmReleaseObject
TrackedIsmExpandEnvironmentString
IsmGetTempFile
TrackedIsmDuplicateString
TrackedIsmGetMemory
IsmSetEnvironmentString
IsmGetEnvironmentMultiSz
IsmSetEnvironmentMultiSz
IsmGetObjectTypeName
TrackedIsmGetNativeObjectName
IsmGetObjectTypeId
IsmAcquireObjectEx
TrackedIsmCreateObjectStringsFromHandleEx
TrackedIsmCreateObjectHandle
IsmStartEtmModules
IsmSetEnvironmentFlag
IsmSetPlatform
IsmInitialize
IsmReplacePhysicalObject

shlwapi

StrChrIA
SHGetValueA
PathIsDirectoryA
StrDupA
PathIsRootA
PathAppendA
ord16

cabinet

ord10
ord13
ord11
ord14

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6129708c795371141415c4758c30a474

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

ole32

comdlg32

comctl32

setupapi

log

migism

shlwapi

cabinet

Sections

.text Size: 69KB - Virtual size: 69KB

.data Size: 2KB - Virtual size: 17KB

.rsrc Size: 149KB - Virtual size: 148KB

.text
Size: 69KB - Virtual size: 69KB

.data
Size: 2KB - Virtual size: 17KB

.rsrc
Size: 149KB - Virtual size: 148KB