320e3381e807b3f3bb42853078baff78e271a99a1a97d8748db9b96eee7aded1

Sharing

Copy URL Twitter E-mail

General

Target

320e3381e807b3f3bb42853078baff78e271a99a1a97d8748db9b96eee7aded1
Size

72KB
MD5

0514927422bcc62e5d22e1e8c6da5f43
SHA1

d6bc3e6a7151a1ded5473b50d1ca60d962d28767
SHA256

320e3381e807b3f3bb42853078baff78e271a99a1a97d8748db9b96eee7aded1
SHA512

cd00895fa23c62dbb7aed30e00d9648fd10608d6098367a65b1d1a88317d71eef0b20ef113b217b4f62c038478981d7c58e6caa0fc182cc60247e451934ea496
SSDEEP

1536:GAQsCXNWn8YudIN8u3qRq3HqkLmGDRZmRXc0cYKmoqXAGCEB:wM8kOIvD2XPcYKrOmQ

Score

N/A

Malware Config

Signatures

Files

320e3381e807b3f3bb42853078baff78e271a99a1a97d8748db9b96eee7aded1
.bz2
sample
.exe windows x86

9cc04a64fbb4265979ac108e3e12e7c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHLoadNonloadedIconOverlayIdentifiers
SHGetFolderPathW
StrCmpNIA
SHFileOperationA
DllUnregisterServer
SHFileOperationA
ShellExec_RunDLLA
Shell_NotifyIconA
SHCreateProcessAsUserW
StrStrW
SHCreateDirectoryExA
InternalExtractIconListW
Control_RunDLLAsUserW
SHQueryRecycleBinW
OpenAs_RunDLL
ExtractIconEx
RealShellExecuteA
SHGetNewLinkInfo
DragQueryFileW
SheChangeDirA
Control_RunDLL
StrRStrA
SHGetNewLinkInfo
RealShellExecuteW
ShellExecuteEx
SHGetDesktopFolder
ShellExecuteA
ShellAboutA

user32

SendInput
CallWindowProcW
DdeConnectList
GetAltTabInfoA
EnumDesktopWindows
EditWndProc
LoadLocalFonts
DefMDIChildProcA
SendMessageTimeoutA
SetRectEmpty
SetMenuInfo
LockSetForegroundWindow
WinHelpW
GetActiveWindow
EnumWindows
SetMenuItemInfoW
EnumDesktopsA
GetWindowLongW
DdeCreateDataHandle
GetMenuItemInfoW
SetClassLongA
GetFocus
GetProcessWindowStation
SetWindowsHookA

gdi32

GdiTransparentBlt
SetRectRgn
GetGlyphOutline
SetArcDirection
GetBitmapDimensionEx
ResetDCA
AbortDoc
GetSystemPaletteUse
GdiDescribePixelFormat
GetBitmapDimensionEx
GdiGetDevmodeForPage
GetSystemPaletteUse
GetGlyphIndicesW
GdiConvertEnhMetaFile
RectInRegion
GdiEntry12
GetBitmapDimensionEx
SetLayout
GdiGetLocalDC
SetArcDirection
ExtCreatePen

kernel32

GetUserDefaultLangID
GetProcessShutdownParameters
MulDiv
RtlFillMemory
LoadLibraryA
GetThreadPriorityBoost
GetWriteWatch
lstrcmpiA
CreateMailslotA
IsDebuggerPresent
CancelDeviceWakeupRequest
ScrollConsoleScreenBufferW
OpenEventW
lstrcmp
MoveFileWithProgressA
CreateDirectoryExW
UnregisterWait
GetTempPathW
ConsoleMenuControl
lstrcat
SetCriticalSectionSpinCount
FreeConsole
FreeUserPhysicalPages
WriteConsoleInputW
HeapCompact
SetCommMask
CopyFileExA
ReadConsoleOutputCharacterW

advapi32

LsaICLookupSids
RegCreateKeyExW
SystemFunction013
ObjectCloseAuditAlarmA
AccessCheckByTypeAndAuditAlarmW
ConvertStringSDToSDRootDomainA
FindFirstFreeAce
CreateTraceInstanceId
RegCreateKeyExW
SetSecurityDescriptorOwner
ConvertSecurityDescriptorToAccessNamedW
RegSetValueA
GetTrusteeFormW
LsaQueryInfoTrustedDomain
MakeAbsoluteSD
LookupPrivilegeDisplayNameW
ImpersonateLoggedOnUser
GetNumberOfEventLogRecords
RegSaveKeyA
OpenThreadToken
SetEntriesInAccessListW
RegDeleteKeyW
ElfOpenEventLogA

Sections

.text
Size: 72KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cc04a64fbb4265979ac108e3e12e7c8

Headers

DLL Characteristics

File Characteristics

Imports

shell32

user32

gdi32

kernel32

advapi32

Sections

.text Size: 72KB - Virtual size: 92KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 7KB - Virtual size: 8KB

.text
Size: 72KB - Virtual size: 92KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 7KB - Virtual size: 8KB