592a6d11788cb9ba2acb975025119627b2bb598765b0818bc2e7aeef5260452d

Sharing

Copy URL Twitter E-mail

General

Target

592a6d11788cb9ba2acb975025119627b2bb598765b0818bc2e7aeef5260452d
Size

38KB
MD5

8bd75118b0af3f5930110af819e9e120
SHA1

09e1e306f131ee2caf49aaf88bc37f9db97d4244
SHA256

592a6d11788cb9ba2acb975025119627b2bb598765b0818bc2e7aeef5260452d
SHA512

c3394dc111fde99f4573933fc2e749e89dc0ae18aad2052db1fd9fcacbf19db82b86a1fe99011c831670f1cf7b9300a786360380f40dc5f85291831239a90ee6
SSDEEP

768:VuiW2kscd7qX0JULq2VMVHWAGdUJXsHkaERz5AVpq4VoPbgXIatpsAxn5+H:EiW2ksO7qX0JULpMRWZUVsw1AmbTPY21

Score

N/A

Malware Config

Signatures

Files

592a6d11788cb9ba2acb975025119627b2bb598765b0818bc2e7aeef5260452d
.exe windows x86

58c067723d058b3d21b2a4cfeb318c26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
VirtualFree
WriteFile
OpenProcess
Sleep
GetFileAttributesW
IsBadWritePtr
CreateFileW
lstrlenW
GetStartupInfoW
WritePrivateProfileStringW
GetLastError
VirtualAlloc
Process32FirstW
WaitForSingleObject
lstrcmpiW
lstrcatW
CreateToolhelp32Snapshot
GetShortPathNameW
GetCurrentThreadId
ReleaseMutex
CloseHandle
EnumResourceLanguagesW
DeleteFileW
lstrcpyW
RtlZeroMemory
CreateThread
GetCurrentProcess
MoveFileExW
FindResourceExW
CreateMutexW
ExitProcess
LockResource
GetProcAddress
SizeofResource
LoadResource
FreeLibrary
FindResourceW
Process32NextW
FreeResource

user32

wsprintfW
LoadIconW
OffsetRect
SystemParametersInfoW
GetDlgItem
SendDlgItemMessageW
SetFocus
SetWindowsHookExW
UnhookWindowsHookEx
MessageBoxW
SetDlgItemTextW
SendMessageW
EnableWindow
SetWindowTextW
CopyRect
GetWindowThreadProcessId
ExitWindowsEx
AttachThreadInput
GetParent
DialogBoxParamW
IsIconic
GetWindowRect
SetWindowPos
EndDialog

msvcrt

memset
wcsncpy
malloc
_wtof
free

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

ord17

gdi32

CreateFontW
GetObjectW
DeleteObject

advapi32

RegCloseKey
AdjustTokenPrivileges
RegOpenKeyExW
OpenProcessToken
RegDeleteValueW
LookupPrivilegeValueW
RegQueryValueExW

psapi

GetModuleFileNameExW

shell32

ShellExecuteExW
SHGetPathFromIDListW
ord165
SHBrowseForFolderW
SHGetSpecialFolderPathW

ole32

CoInitialize
CoTaskMemFree
CoUninitialize

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58c067723d058b3d21b2a4cfeb318c26

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

version

comctl32

gdi32

advapi32

psapi

shell32

ole32

Sections

.text Size: 9KB - Virtual size: 9KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 28KB - Virtual size: 27KB