8a32495c8edf486d5236d50dd02e291c6dccdd73c4b0889d499f3bb91c5b03b1

General

Target

8a32495c8edf486d5236d50dd02e291c6dccdd73c4b0889d499f3bb91c5b03b1
Size

1.9MB
MD5

d0a33d0e1968db923f1b927a0fac6b52
SHA1

89dabb64e741b1d8f31913195ce911da4a703223
SHA256

8a32495c8edf486d5236d50dd02e291c6dccdd73c4b0889d499f3bb91c5b03b1
SHA512

59a652b38c89b7e294bd7e02db4a8a6a35d66a6ae5f179d7312eaf4c978eee7e9b4cc8cde2d369ff96b2c8e767515b8613f3faacf1bf5381fceb4d4ae5ca679e
SSDEEP

49152:lf6ran/DDwVIHBp+j61indRCiSfrVmnqxosat2pEEr:nweaBammFe

Score

N/A

Malware Config

Signatures

Files

8a32495c8edf486d5236d50dd02e291c6dccdd73c4b0889d499f3bb91c5b03b1
.exe windows x86

a9859729505b4eb14f2b0433a21f0c60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

modemui

drvGetDefaultCommConfigA
CountryRunOnce

kernel32

WaitForSingleObject
GetNumberFormatW
GetAtomNameA
GetProcessHeap
GetConsoleTitleA
DeviceIoControl
lstrcpynA
GetProcAddress
GetProcessId
FormatMessageA
GetFullPathNameA
SystemTimeToFileTime
GetPrivateProfileIntA
ReadConsoleA
GetModuleHandleA
WriteConsoleA
GetGeoInfoA
GetTimeFormatA
GetDateFormatA
UpdateResourceA
CompareStringA
CreateNamedPipeA
HeapValidate

advapi32

RegFlushKey
RegEnumKeyA
IsValidSecurityDescriptor
RegDeleteKeyA
ControlService
IsValidSid
RegCloseKey
CreateServiceA
IsTextUnicode
OpenServiceA
RegOpenKeyExA
RegSaveKeyA
RegDeleteValueA
IsValidAcl
RegQueryValueA

user32

PeekMessageA
CharToOemA
IsZoomed
CreateWindowExA
LoadImageA
DialogBoxParamA
SetCursorPos
IsCharLowerW
DispatchMessageA
wsprintfA
IsDialogMessageA
GetCaretPos
GetMessageA
LoadCursorA
PostMessageA
GetWindowLongA

clbcatq

SetSetupSave
DowngradeAPL
ComPlusMigrate

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9859729505b4eb14f2b0433a21f0c60

Headers

DLL Characteristics

File Characteristics

Imports

modemui

kernel32

advapi32

user32

clbcatq

Sections

.text Size: 111KB - Virtual size: 110KB

.data Size: 35KB - Virtual size: 34KB

.tls Size: 512B - Virtual size: 84B

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.text
Size: 111KB - Virtual size: 110KB

.data
Size: 35KB - Virtual size: 34KB

.tls
Size: 512B - Virtual size: 84B

.rsrc
Size: 1.7MB - Virtual size: 1.7MB