becc35a948539b33b8cf4e02118809159e5b442032a063738e0a4af0988db84c

Sharing

Copy URL Twitter E-mail

General

Target

becc35a948539b33b8cf4e02118809159e5b442032a063738e0a4af0988db84c
Size

883KB
MD5

f7e63daa8a772a5553cc4055c7856034
SHA1

78002af4c252f65527df6de6433677bbe39b5ddb
SHA256

becc35a948539b33b8cf4e02118809159e5b442032a063738e0a4af0988db84c
SHA512

0669bf5b77d1bb4a19120df13ddd122ba678c1515897c51923b4263ed67cb835bc5e9e4220e75c2eec257a98a2aeb9f6223cdfcb05da6f777f06f3c86a9fd5bd
SSDEEP

12288:RI7WH0zZFLNhgp2zm13QCe29TCuJq0SS+bQsj5UH5fxqa9Ypni4KhO0+:auuhTm1375FQ05lq5Q54g+i4Khe

Score

N/A

Malware Config

Signatures

Files

becc35a948539b33b8cf4e02118809159e5b442032a063738e0a4af0988db84c
.exe windows x86

7c64bb199dfaeda68d07b54766b698d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
FindResourceW
UpdateResourceA
SetCurrentDirectoryW
GetCurrentProcess
CloseHandle
GetLongPathNameA
GetEnvironmentVariableA
GetNumberFormatW
GetShortPathNameW
GetPrivateProfileIntA
CreateFileA
GetProcessId
ReadFile
HeapCreate
CreateDirectoryA
WaitForSingleObjectEx
GetVersionExA
LoadLibraryA
FormatMessageA
CreateNamedPipeA
GetTickCount
CompareStringA
GetFullPathNameA
ReadConsoleA
lstrcmpiA
WriteConsoleA
GetCurrentDirectoryA
GetDateFormatW
HeapAlloc
GetAtomNameA
GetComputerNameA

resutils

ResUtilDupString
ClusWorkerTerminate
ClusWorkerCreate
ClusWorkerStart

cmpbk32

PhoneBookFreeFilter
PhoneBookEnumNumbers
PhoneBookLoad
PhoneBookCopyFilter

wtsapi32

WTSSetUserConfigW
WTSEnumerateProcessesA
WTSWaitSystemEvent
WTSUnRegisterSessionNotification
WTSVirtualChannelWrite
WTSQuerySessionInformationA
WTSOpenServerW
WTSSendMessageA
WTSVirtualChannelOpen
WTSVirtualChannelClose
WTSQueryUserToken
WTSEnumerateServersW
WTSSetSessionInformationW
WTSVirtualChannelRead
WTSLogoffSession
WTSVirtualChannelPurgeInput
WTSRegisterSessionNotification

user32

EnableWindow
LoadImageW
GetWindowLongW
IsChild
IsWindowVisible
GetWindowTextA
IsWindow
GetDlgItemTextA
IsCharLowerW
wsprintfW
DispatchMessageA
PostMessageA
DialogBoxParamA
GetCaretPos

rsaenh

CPDeriveKey
CPGenKey

advapi32

IsValidSecurityDescriptor
RegQueryValueA
RegEnumValueA
IsValidAcl
RegDeleteKeyA
IsValidSid
RegFlushKey
RegCreateKeyA
InitializeSid
OpenServiceA

uxtheme

IsThemeActive
GetWindowTheme
GetThemeEnumValue
GetThemeSysSize
GetThemeColor
GetThemeTextMetrics
GetThemeRect
OpenThemeData
CloseThemeData
GetThemeInt
GetThemeBool
DrawThemeEdge
DrawThemeBackground

Sections

.text
Size: 865KB - Virtual size: 864KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c64bb199dfaeda68d07b54766b698d0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

resutils

cmpbk32

wtsapi32

user32

rsaenh

advapi32

uxtheme

Sections

.text Size: 865KB - Virtual size: 864KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 865KB - Virtual size: 864KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 13KB - Virtual size: 12KB