821d7e308f8e5b0a7e60e6089a7e6498797f31b7f5dde9a81c162eb055d65dc3

Sharing

Copy URL

Twitter E-mail

General

Target

821d7e308f8e5b0a7e60e6089a7e6498797f31b7f5dde9a81c162eb055d65dc3
Size

204KB
MD5

9402d0b3123a94229ad197fdbd33bec4
SHA1

86e4b24a88ed8de6100c5f23757daf130aef8416
SHA256

821d7e308f8e5b0a7e60e6089a7e6498797f31b7f5dde9a81c162eb055d65dc3
SHA512

50563934ce26757d805a898bae9e28d24e73515cf7590be3e33481330ca1d099faf1296e641f8a1f1bbaff97275c00f9c6012d76b0003ecdb8b752a087f460d1
SSDEEP

1536:MD+Bo6q2kwMIoOscdXTgW4lAXUgKRh5vVHXxxzq+PbFxdyl/hr7QCllArlM0Yea6:MD6oZjxxzq+PbFDoFzll2ks3

Score

N/A

Malware Config

Signatures

Files

821d7e308f8e5b0a7e60e6089a7e6498797f31b7f5dde9a81c162eb055d65dc3
.exe windows x86

702bfc201fef06fefc855b5795f7146c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
setlocale
??2@YAPAXI@Z
_wtoi
??3@YAXPAX@Z
swscanf
memmove
free
_wsplitpath
_wmakepath
malloc

advapi32

RegOpenKeyExA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyW
RegCloseKey

kernel32

GetModuleHandleW
CloseHandle
CreateFileW
GetFileAttributesW
lstrlenW
GetProcAddress
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
FindFirstFileW
GlobalAlloc
GetLastError
LoadLibraryW
SetLastError
GetModuleFileNameW
OutputDebugStringA
GetPrivateProfileIntW
SetCurrentDirectoryW
GetWindowsDirectoryW
GetCurrentDirectoryW
LocalFree
LocalAlloc
LoadLibraryA
FreeLibrary
GlobalFree
SetErrorMode
GetCommandLineW
ExitProcess
CreateFileMappingW
InterlockedIncrement
InterlockedDecrement
FormatMessageW
MulDiv
GetCurrentProcess
GetVersionExW
TerminateProcess
GetExitCodeThread
GetModuleHandleA
GetSystemDirectoryW
lstrcatW
SearchPathW
GetPrivateProfileStringW
lstrcmpiW
lstrcpyW
lstrcpynW
CreateProcessW

gdi32

GetDeviceCaps
StretchBlt
BitBlt
SetTextColor
GetTextMetricsW
SetBkColor
SetMapMode
GetMapMode
CreateBitmap
DPtoLP
GetStockObject
SetBkMode
GetObjectW
CreateFontIndirectW
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteDC
DeleteObject

user32

GetDC
DispatchMessageW
TranslateMessage
WaitMessage
PeekMessageW
wsprintfW
SendMessageW
CallWindowProcW
SetWindowLongW
MessageBoxW
LoadStringW
TranslateAcceleratorW
GetWindowLongW
DestroyWindow
GetMessageW
DialogBoxParamW
GetSysColor
GetDlgItem
MoveWindow
GetSystemMetrics
GetWindowRect
CheckRadioButton
EndDialog
IsDlgButtonChecked
GetDlgCtrlID
LoadStringA
LoadImageW
LoadAcceleratorsW
ReleaseDC
SetMessageQueue
BringWindowToTop
SetForegroundWindow
GetLastActivePopup
FindWindowW
PostMessageW
ShowWindow
GetParent
CharNextW
CharPrevW
SetWindowTextW
SetWindowPos
EnableWindow
MsgWaitForMultipleObjects
CheckDlgButton
GetWindowTextW
DefWindowProcW
FillRect
GetClientRect
GetSysColorBrush
LoadCursorW
SetCursor
ExitWindowsEx
SendDlgItemMessageW
UpdateWindow
MapWindowPoints
InvalidateRect
IsRectEmpty
GetUpdateRect
IsWindowVisible
EnumThreadWindows
GetFocus
SetFocus
IsWindowEnabled
GetWindow
EnumChildWindows
RegisterClassExW
CreateWindowExW
CreateDialogParamW
GetDesktopWindow
MessageBeep
IsChild
GetNextDlgTabItem
LoadIconW
PostQuitMessage
DrawFocusRect
InflateRect
OffsetRect
CopyRect
DrawTextW
RedrawWindow
EndPaint
DrawEdge
BeginPaint
DrawIcon
RegisterClassW
UnregisterClassW
GetClassInfoW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString

shlwapi

PathIsFileSpecW
PathIsURLW

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

702bfc201fef06fefc855b5795f7146c

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 55KB - Virtual size: 55KB

.data Size: 5KB - Virtual size: 10KB

.rsrc Size: 143KB - Virtual size: 142KB

.text
Size: 55KB - Virtual size: 55KB

.data
Size: 5KB - Virtual size: 10KB

.rsrc
Size: 143KB - Virtual size: 142KB