87d7a2021fa7a0993325a9c4403cd6e5e121d5bc5ad99c9b4059899f32c55320

General

Target

87d7a2021fa7a0993325a9c4403cd6e5e121d5bc5ad99c9b4059899f32c55320
Size

38KB
MD5

735e518d896b6aa1146e68f2bd849c26
SHA1

ca18f38756d8006d1a3f4ac28706f9554918ff61
SHA256

87d7a2021fa7a0993325a9c4403cd6e5e121d5bc5ad99c9b4059899f32c55320
SHA512

1fd64cb3a525094a419fa470d3ea2203ab18a2eed7ef8964e395560426d56c97906a74f4d86632ddaa43a79ef78c85b6990031b427b713a43ec9049918577243
SSDEEP

768:4+G99uUX3ryNwQ9KrtcL3Js0Ul1Lud1kU234QfN:y99HX3ryyYjJBUfLweU0l

Score

N/A

Malware Config

Signatures

Files

87d7a2021fa7a0993325a9c4403cd6e5e121d5bc5ad99c9b4059899f32c55320
.exe windows x86

dbd2ae6ea1566eb9317bbf638a48729e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

TransparentBlt
GradientFill
DllInitialize

certcli

CACloseCertType
CADeleteCA
CAEnumFirstCA
CACloseCA

user32

LoadImageA
PeekMessageA
wsprintfA
DialogBoxParamA
DispatchMessageA
CreateWindowExA
CharToOemA
GetCaretPos
IsWindow
LoadCursorA
GetWindowLongA
GetWindowTextA
SetCursorPos

kernel32

DeviceIoControl
ReadConsoleA
GetAtomNameA
GetBinaryTypeA
GetCurrentProcess
WriteConsoleA
GetGeoInfoA
GetNumberFormatW
GetFullPathNameA
CreateDirectoryA
GetConsoleAliasW
SetEnvironmentVariableW
ReadFile
GetProcessTimes
WaitForSingleObject
GetProcAddress
CompareStringA
GetTickCount
FormatMessageA
GetSystemInfo
GetModuleHandleA
GetConsoleTitleA
GetProcessHeap
CloseHandle
CreateNamedPipeA
GetCurrentDirectoryA
GetStringTypeA
SetFilePointer
lstrcpynW

mprapi

MprAdminDeviceEnum
MprInfoBlockFind
MprAdminConnectionEnum

advapi32

RegFlushKey
CreateProcessAsUserA
IsValidAcl
RegCreateKeyA
RegEnumKeyA
ClearEventLogA
RegQueryValueA
InitializeSid
IsValidSecurityDescriptor
IsValidSid
RegSaveKeyA
RegCloseKey

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbd2ae6ea1566eb9317bbf638a48729e

Headers

DLL Characteristics

File Characteristics

Imports

msimg32

certcli

user32

kernel32

mprapi

advapi32

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 168B

.rsrc Size: 26KB - Virtual size: 25KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 168B

.rsrc
Size: 26KB - Virtual size: 25KB