c41a2bb0edf37b0f89b581b29c566be542c97d9c6ddb2da268f1004869ebed34

Sharing

Copy URL Twitter E-mail

General

Target

c41a2bb0edf37b0f89b581b29c566be542c97d9c6ddb2da268f1004869ebed34
Size

283KB
MD5

1826e96a49e29db1352f728b48887e10
SHA1

a693a4f01ce5827002b40477030a0210c4d3a909
SHA256

c41a2bb0edf37b0f89b581b29c566be542c97d9c6ddb2da268f1004869ebed34
SHA512

254397db97a6ce2af3ac68f9bcb28420efab98c9b20cb9606bf5e793d90e7f6bea015e6513d3db50aeab32e71b807aa932d2f9acbc93bfdaae7bf477a6241a1d
SSDEEP

6144:/ciUGPCeR99PENyNrAt4zA+y+L5ao1nVy6X47HG/9:5/BTY40+jL4onSy

Score

N/A

Malware Config

Signatures

Files

c41a2bb0edf37b0f89b581b29c566be542c97d9c6ddb2da268f1004869ebed34
.exe windows x86

92cb56e95a523d00c1219c2b84478d60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateStatusWindowA
InitCommonControls
ImageList_Destroy
DestroyPropertySheetPage
ImageList_Create
ImageList_ReplaceIcon
PropertySheetA
ImageList_AddMasked
CreatePropertySheetPageW
ImageList_Draw
CreatePropertySheetPageA
InitCommonControlsEx

msvcrt

_timezone
sprintf
_fileno
_strdup
_dstbias
_makepath
realloc
_snwprintf
_access
_except_handler3
_mbsnbcpy
srand
strrchr

user32

LoadBitmapW
InvalidateRect
GetMessagePos
IsWindowEnabled
SetDlgItemTextW
LoadImageW
CharLowerW
GetProcessWindowStation
InflateRect
UnregisterClassA
SetCapture
CheckDlgButton
LoadStringA
DispatchMessageA
IsWindowVisible
GetCapture
DrawTextW
DialogBoxParamA
SystemParametersInfoW
PostMessageW
MessageBeep
CopyRect
MsgWaitForMultipleObjects
GetWindowDC
MessageBoxA
TrackPopupMenu
EnumChildWindows

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoSizeW

kernel32

WriteConsoleA
HeapReAlloc
GetModuleFileNameA
VirtualFree
WideCharToMultiByte
ExitProcess
GetLocaleInfoA
FormatMessageA
GetSystemInfo
CreateFileW
GetLastError
GetCommandLineW
lstrcmpA
VirtualAlloc
GetCurrentThreadId
GetCurrentProcessId
LoadLibraryA
LCMapStringW
GetModuleHandleW
GetStartupInfoA

ntdll

RtlInitializeCriticalSection
RtlUnicodeToMultiByteN
RtlFreeSid
RtlCompareMemory
NtOpenProcessToken
NtWaitForSingleObject
_wcsicmp
memmove
wcscmp
RtlNtStatusToDosError
NtCreateFile
RtlLengthRequiredSid
NtQueryVirtualMemory
RtlAdjustPrivilege
VerSetConditionMask
RtlEnterCriticalSection
RtlOemStringToUnicodeString
DbgPrint
RtlFreeAnsiString
RtlCreateAcl
NtQuerySystemTime
RtlAllocateHeap
NtQueryInformationFile
RtlDosPathNameToNtPathName_U
NtWriteFile
RtlUnicodeToOemN

shlwapi

PathRemoveBlanksW
PathSkipRootW
StrCmpW
UrlIsW
PathFindFileNameW
StrStrIW
StrStrW
SHDeleteValueW
PathFileExistsW
PathGetDriveNumberW
PathIsUNCW
PathIsURLW
PathFindFileNameA
StrCpyNW
StrCmpNIW
PathRemoveBackslashW
StrCpyW
PathRemoveFileSpecA
StrDupW
SHDeleteValueA
PathCombineW
PathCreateFromUrlW
PathAddBackslashW
StrChrW
SHDeleteKeyA
StrCmpNW

comdlg32

GetSaveFileNameA
ChooseFontW
GetOpenFileNameW
CommDlgExtendedError
GetFileTitleA
GetFileTitleW
ChooseFontA
GetOpenFileNameA
GetSaveFileNameW

gdi32

SetBrushOrgEx
GetBkMode
Arc
GetStockObject
SetEnhMetaFileBits
CreateFontA
SetICMMode
ColorMatchToTarget
SetTextColor
SetBkColor
GetTextCharset
PlayMetaFile
GetDIBits
EndDoc
GetMapMode
CombineRgn
SelectClipRgn
CopyEnhMetaFileW
CreateICW
CreateDCW
CreateFontIndirectW
OffsetRgn
GetClipBox
EndPage
Polyline
CreateRoundRectRgn
ExtTextOutA
GetEnhMetaFilePaletteEntries
SetPaletteEntries
SelectPalette
GetDeviceCaps

advapi32

RegQueryInfoKeyA
RegFlushKey
RegDeleteKeyA
GetTokenInformation
RegCreateKeyExW
InitializeSecurityDescriptor
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
GetSecurityDescriptorControl
FreeSid
RegQueryValueExA
RegDeleteValueW
RegOpenKeyExW
EnumServicesStatusExA
RegSetValueExA
RegEnumValueW
RegQueryInfoKeyW
ChangeServiceConfig2A
OpenServiceA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 50KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kdata
Size: 111KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 449B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92cb56e95a523d00c1219c2b84478d60

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

msvcrt

user32

version

kernel32

ntdll

shlwapi

comdlg32

gdi32

advapi32

Sections

.text Size: 36KB - Virtual size: 35KB

.data Size: 7KB - Virtual size: 6KB

.rdata Size: 77KB - Virtual size: 138KB

.adata Size: 50KB - Virtual size: 110KB

.kdata Size: 111KB - Virtual size: 171KB

.reloc Size: 512B - Virtual size: 449B

.text
Size: 36KB - Virtual size: 35KB

.data
Size: 7KB - Virtual size: 6KB

.rdata
Size: 77KB - Virtual size: 138KB

.adata
Size: 50KB - Virtual size: 110KB

.kdata
Size: 111KB - Virtual size: 171KB

.reloc
Size: 512B - Virtual size: 449B