7d5b4865ced123fc48f1a6fc3106d8348aa11a27be9dc172c094d231d985c654

Sharing

Copy URL Twitter E-mail

General

Target

7d5b4865ced123fc48f1a6fc3106d8348aa11a27be9dc172c094d231d985c654
Size

55KB
MD5

9a9449ba531d14f2c67955ffb5b4e561
SHA1

509e1c05d92bb3103502df2e2ae750528ad41810
SHA256

7d5b4865ced123fc48f1a6fc3106d8348aa11a27be9dc172c094d231d985c654
SHA512

658f261362759aa091ee97b583be883d6218930f32bb7e98fb97cb07dc85982f1a682d68627de142999884cfa2d99eceb26e9cdca2894f27307b3aa7f63f32d4
SSDEEP

768:VMHett6WjZK20IKR2dSORjO1COwIQxN8OjgV9rAzwCuQTPjHi8enHS:VXFjZbLKcdSyXB8zV9rAzwCfbjPenHS

Score

N/A

Malware Config

Signatures

Files

7d5b4865ced123fc48f1a6fc3106d8348aa11a27be9dc172c094d231d985c654
.exe windows x86

33be167cee3a3222e1ad8951ea0e96b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSWaitSystemEvent
WTSLogoffSession
WTSSetUserConfigW
WTSEnumerateSessionsW
WTSOpenServerW
WTSQueryUserToken
WTSEnumerateProcessesA
WTSQuerySessionInformationA
WTSRegisterSessionNotification
WTSFreeMemory
WTSVirtualChannelClose
WTSSetSessionInformationA
WTSSendMessageA
WTSVirtualChannelOpen
WTSVirtualChannelRead
WTSUnRegisterSessionNotification

shlwapi

UrlIsNoHistoryW
UrlHashA
PathCommonPrefixA
PathCompactPathA
UrlGetLocationA
UrlIsA
UrlCreateFromPathA
UrlCanonicalizeA
UrlCombineA
UrlCompareA

rsaenh

CPGenKey
CPDeriveKey
CPCreateHash
CPEncrypt

certcli

CACloseCA
CAEnumFirstCA
CADeleteCA

kernel32

GetDateFormatA
GetFullPathNameA
GetConsoleAliasW
UpdateResourceA
GetTickCount
CloseHandle
GetCurrentDirectoryA
lstrcpynW
lstrcmpiA
CompareStringA
SetFilePointer
GetBinaryTypeA
SetCurrentDirectoryA
QueryDosDeviceA
GetNumberFormatW
HeapValidate
WriteConsoleA
GetProcAddress
LoadLibraryA
GetGeoInfoA
FormatMessageA
GetStringTypeA
GetCurrentProcess
SetEnvironmentVariableW
ReadConsoleA
GetAtomNameA
GetComputerNameA
CreateDirectoryA
GetPrivateProfileIntA
GetProcessHeap
GetConsoleTitleA
WaitForSingleObject

user32

PostMessageA
GetWindowLongA
LoadCursorA
wsprintfA
GetCaretPos
CreateWindowExA
IsDialogMessageA
DrawIcon
GetWindowTextA
SetCursorPos
GetPropA
PeekMessageA
DialogBoxParamA

modemui

drvCommConfigDialogA
InvokeControlPanel
drvSetDefaultCommConfigA

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33be167cee3a3222e1ad8951ea0e96b5

Headers

DLL Characteristics

File Characteristics

Imports

wtsapi32

shlwapi

rsaenh

certcli

kernel32

user32

modemui

msimg32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 46KB - Virtual size: 45KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 46KB - Virtual size: 45KB