937650fddf313ae3ef708ae9c7d9a817fc59224f609764b6e81caafadb053da4

Sharing

Copy URL

Twitter E-mail

General

Target

937650fddf313ae3ef708ae9c7d9a817fc59224f609764b6e81caafadb053da4
Size

1.0MB
MD5

e67c82e53e874b163e7237838a25b8f9
SHA1

4486ffbfde2f16a27ea40c9e8c7e77a4508d65fe
SHA256

937650fddf313ae3ef708ae9c7d9a817fc59224f609764b6e81caafadb053da4
SHA512

cb2c3a4d4c79bb30d31bfae91d68e3aaf290b6f306d224a7cbe2102e8effa837253f78f513a54476a7975501aa71f6439607c8ca5d862bf27e9689476379f68e
SSDEEP

12288:ANMheRpeY/Nbke+Ev+ZqUHW+s/kKbvRBK8YmscT2CEvMYm17KqU0mJHbLv3AM+Pf:uMhSpJ/+Zq5Q+T/YLmO7LYB646y

Score

N/A

Malware Config

Signatures

Files

937650fddf313ae3ef708ae9c7d9a817fc59224f609764b6e81caafadb053da4
.exe windows x86

c397ab14c9467a6bfa6e11d50a9a6823

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcW
RegisterClassExW
CreateWindowExW
DefWindowProcW
LoadStringW
ReleaseDC
GetDC
InflateRect
EnumChildWindows
PtInRect
UnionRect
CopyRect
ScreenToClient
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IsZoomed
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
PostMessageW
DrawFrameControl
ChildWindowFromPoint
SetDlgItemTextW
DialogBoxParamW
MoveWindow
SetWindowTextW
GetDlgItem
EndDialog
DialogBoxIndirectParamW
GetScrollInfo
SetScrollInfo
GetParent
GetClassLongW
SetWindowLongW
GetWindowLongW
OffsetRect
IntersectRect
DefFrameProcW
FillRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetCursorPos
GetWindowRect
GetClientRect
SendMessageW
WaitForInputIdle
ShowWindow
SetFocus
GetMenu
CheckMenuItem
GetSubMenu
InsertMenuW
GetPropW
SetPropW
ScrollWindowEx
ValidateRect
InvalidateRect
GetUpdateRgn
GetUpdateRect
EndPaint
BeginPaint
UpdateWindow
DrawTextW
GetSystemMetrics
SetTimer
ReleaseCapture
SetCapture
GetCapture
DeleteMenu
SetForegroundWindow
MessageBoxW
SetCursor
FindWindowW
FindWindowExW
GetWindowThreadProcessId
LoadCursorW
LoadIconW
DestroyIcon
EnumDisplaySettingsW
GetKeyState
GetFocus
SetWindowPos

comdlg32

PrintDlgW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
FindTextW
ChooseFontW

shell32

SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteExW
Shell_NotifyIconW
SHGetMalloc
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CoGetInterfaceAndReleaseStream
CoSetProxyBlanket
CoMarshalInterThreadInterfaceInStream
CoCreateInstance

advapi32

RegDeleteValueW
RegOpenKeyExA
RegQueryValueExA
LookupPrivilegeNameW
SetKernelObjectSecurity
IsValidSecurityDescriptor
GetKernelObjectSecurity
CreateProcessAsUserW
RegConnectRegistryW
RegCloseKey
AddAccessAllowedAce
AddAce
InitializeAcl
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
IsValidSid
SetTokenInformation
QueryServiceConfigW
CopySid
GetLengthSid
RevertToSelf
OpenProcessToken
GetTokenInformation
AdjustTokenPrivileges
EqualSid
AllocateAndInitializeSid
SetServiceObjectSecurity
QueryServiceObjectSecurity
MapGenericMask
RegCreateKeyW
StartServiceW
QueryServiceStatus
FreeSid
GetAce
LookupAccountSidW
LookupAccountNameW
LookupPrivilegeValueW
ImpersonateLoggedOnUser
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegEnumValueW
RegLoadKeyW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegUnLoadKeyW
RegQueryValueW
CryptAcquireContextW
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CloseServiceHandle
OpenSCManagerW
OpenServiceW
ControlService
RegOpenKeyExW

comctl32

ImageList_Create
ImageList_Destroy
InitCommonControlsEx
ImageList_Add
ImageList_ReplaceIcon
CreateToolbarEx
CreatePropertySheetPageW
CreateStatusWindowW
PropertySheetW
ImageList_DrawEx

shlwapi

ColorHLSToRGB
ColorRGBToHLS
UrlUnescapeW

kernel32

EnterCriticalSection
GetStartupInfoA
GetCommandLineA
LeaveCriticalSection
GetCurrentThreadId
GetModuleHandleA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcAddress
IsDebuggerPresent
WaitForSingleObject
CreateMutexA
GetLastError
CreateThread
CloseHandle
VirtualAlloc
RtlUnwind
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
ReadFile
RaiseException
SetFilePointer
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
ReleaseMutex

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 866KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 907KB - Virtual size: 907KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c397ab14c9467a6bfa6e11d50a9a6823

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

shell32

ole32

advapi32

comctl32

shlwapi

kernel32

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 14KB - Virtual size: 866KB

.rsrc Size: 907KB - Virtual size: 907KB

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 14KB - Virtual size: 866KB

.rsrc
Size: 907KB - Virtual size: 907KB