40e5ba111d4366cc8850bb3542f29da388839d43d51e63b3a1e591a6cfecd086

General

Target

40e5ba111d4366cc8850bb3542f29da388839d43d51e63b3a1e591a6cfecd086
Size

1.8MB
MD5

1df6b4d33320717a0a38c653753c4b39
SHA1

1472d8efbbb048ade8f10b729c92cc057b63c95f
SHA256

40e5ba111d4366cc8850bb3542f29da388839d43d51e63b3a1e591a6cfecd086
SHA512

acceeabf4f08cdebf4de7944710ca45a2f2c9e55dd077ddab6d1e4042c2c8c129f9c8967916310c9a860b9e8c47a88d1f67f9cceb3ab035de32ee8cf9499a6af
SSDEEP

49152:XrmQjKgWsFAvPHRh7AuEhxXHcgThArBRQ+sgLs:XaQGdsFAvPxK9tcgk3sgQ

Score

N/A

Malware Config

Signatures

Files

40e5ba111d4366cc8850bb3542f29da388839d43d51e63b3a1e591a6cfecd086
.exe windows x86

1316788f8b04283a26cb0a0877c7a245

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
GetDateFormatA
GetProcessTimes
HeapValidate
GetBinaryTypeA
GetGeoInfoA
CloseHandle
GetShortPathNameA
GetAtomNameA
GetProcAddress
CreateNamedPipeA
GetCurrentDirectoryA
GetConsoleAliasW
SleepEx
GetStringTypeA
GetCurrentProcess
GetFullPathNameA
ReadConsoleA
GetNumberFormatW
FormatMessageA
GetPrivateProfileIntA
GetTimeFormatA
GetTickCount
GetProcessHeap
CreateDirectoryA
WriteConsoleA
CompareStringA
LoadLibraryA
SetEnvironmentVariableW

modemui

CountryRunOnce
drvCommConfigDialogA
InvokeControlPanel
drvSetDefaultCommConfigA
drvGetDefaultCommConfigA

user32

GetMessageA
DialogBoxParamA
IsWindow
IsDialogMessageA
LoadCursorA
LoadImageA
GetCaretPos
PeekMessageA
IsCharLowerW
PostMessageA
CreateWindowExA

wtsapi32

WTSVirtualChannelOpen
WTSVirtualChannelClose
WTSUnRegisterSessionNotification
WTSSetUserConfigW
WTSLogoffSession
WTSVirtualChannelQuery
WTSQuerySessionInformationA
WTSVirtualChannelWrite
WTSVirtualChannelPurgeInput
WTSEnumerateServersA
WTSSendMessageA

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1316788f8b04283a26cb0a0877c7a245

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

modemui

user32

wtsapi32

Sections

.text Size: 44KB - Virtual size: 40KB

.data Size: 4KB - Virtual size: 155B

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 44KB - Virtual size: 40KB

.data
Size: 4KB - Virtual size: 155B

.rsrc
Size: 1.8MB - Virtual size: 1.8MB