c06f826d40e0b1c9b5b583a8f6888035f7bf2318817a2e4e13f763fec10d2e2c

Sharing

Copy URL

Twitter E-mail

General

Target

c06f826d40e0b1c9b5b583a8f6888035f7bf2318817a2e4e13f763fec10d2e2c
Size

37KB
MD5

d626869cb9b2178ce13f9ceb88d4a4b0
SHA1

ba593929998d719734b61f34f88b0468b4c560e0
SHA256

c06f826d40e0b1c9b5b583a8f6888035f7bf2318817a2e4e13f763fec10d2e2c
SHA512

2114aa03921b472416fede554fc1b04de61a42f91cfaf93d598c2e30861a66d41af90ee888a615058e044340cad4b85717dca6816a609f262a10102e18aade5a
SSDEEP

768:gm70XMoVVxiwI0YzjNZombSxHFyq34M6NoWLv171J6hInoa:XXJ30ywp34M6Fv16hIoa

Score

N/A

Malware Config

Signatures

Files

c06f826d40e0b1c9b5b583a8f6888035f7bf2318817a2e4e13f763fec10d2e2c
.exe windows x86

119010e51ab3a0a7f4a401284f37a517

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memmove

advapi32

RegSetValueW
RegQueryInfoKeyW
RegQueryValueExW
RegEnumValueW
RegOpenKeyExW
RegCloseKey
RegQueryValueW
RegEnumKeyExW
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegDeleteKeyW
RegEnumKeyW

kernel32

FindFirstFileW
SetLastError
GetProcAddress
GetModuleHandleW
ExpandEnvironmentStringsW
MultiByteToWideChar
SetFilePointer
ReadFile
CreateFileW
LocalFree
FreeResource
LockResource
LoadResource
CloseHandle
FreeLibrary
EnumResourceNamesW
LoadLibraryExW
SetErrorMode
GetPrivateProfileStringW
WriteFile
FindClose
GlobalSize
GlobalReAlloc
GlobalUnlock
DeleteFileW
GetTempFileNameW
GetEnvironmentVariableW
lstrlenA
GetModuleFileNameW
RemoveDirectoryW
SetFileAttributesW
GetLastError
MoveFileW
MulDiv
WritePrivateProfileStringW
WinExec
LoadLibraryW
GetThreadLocale
ExitProcess
GetStartupInfoW
GetCommandLineW
SearchPathW
GetWindowsDirectoryW
GetSystemTimeAsFileTime
CreateProcessW
Sleep
GlobalAlloc
GlobalLock
lstrcmpW
GetPrivateProfileSectionW
lstrcpyW
lstrcatW
GlobalFree
lstrcpynW
lstrlenW
lstrcmpiW
LocalAlloc
FindResourceW

gdi32

GetTextExtentPointW
GetTextExtentExPointW
GetDeviceCaps

user32

LoadCursorW
SetCursor
SystemParametersInfoW
wvsprintfW
GetSystemMetrics
GetLastActivePopup
MessageBoxW
GetDlgItem
PeekMessageW
DispatchMessageW
SendDlgItemMessageW
GetDC
GetClientRect
ReleaseDC
DestroyWindow
CreateDialogParamW
SetDlgItemTextW
GetSystemMenu
EnableMenuItem
CopyRect
LookupIconIdFromDirectory
DdeDisconnectList
DdeUninitialize
SetForegroundWindow
DdeInitializeW
DdeCreateStringHandleW
DdeFreeStringHandle
GetDesktopWindow
GetClassNameW
DdeConnectList
DdeQueryNextServer
FindWindowW
GetWindow
SetPropW
CharNextW
LoadStringW
wsprintfW
DdeClientTransaction
GetPropW

comctl32

ord236
ord73
ord17
ord324
ord235
ord358
ord334
ord328
ord332
ord365
ord320
ord321
ord326
ord323

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shell32

SHChangeNotify
ord57
ord39
ord175
ord36
ord49
ord45
ord165
ord119
ord58
ord52
ord56
ord51
SHAddToRecentDocs
ord79
ord164
ord35
ord34
ord94
ord157
ord23
SHGetSpecialFolderLocation
ord128
ord31
ord32
ord29
FindExecutableW
ord37
ord33
ord25
ord195
ord196
ShellExecuteExW
SHGetPathFromIDListW
ord96
ord155
ord63

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

119010e51ab3a0a7f4a401284f37a517

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

comctl32

version

shell32

Sections

.text Size: 30KB - Virtual size: 30KB

.data Size: 512B - Virtual size: 608B

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 30KB - Virtual size: 30KB

.data
Size: 512B - Virtual size: 608B

.rsrc
Size: 5KB - Virtual size: 4KB