8d44bd7c311e683a2ffbf3627507529167884573fdd7443cb3189eb6cb66f642

General

Target

8d44bd7c311e683a2ffbf3627507529167884573fdd7443cb3189eb6cb66f642
Size

62KB
MD5

91f3432156884ad9dac48608fb810038
SHA1

eb4dd7d6222100a2838128d0caf215b6fc5f0563
SHA256

8d44bd7c311e683a2ffbf3627507529167884573fdd7443cb3189eb6cb66f642
SHA512

6a4b73c01dda947f9e3bf56f5cfd3b814b7b69f16c279e07022e2f39242ff0bcb9a88aa5c617119740d35a289a71546ad695ae46fff7ff800c6ae4fd09bac095
SSDEEP

1536:jW3YcOs4l8oTcijPzxQNSihQKY3dSti958j:QODbcgzxAQKY3dStiPY

Score

N/A

Malware Config

Signatures

Files

8d44bd7c311e683a2ffbf3627507529167884573fdd7443cb3189eb6cb66f642
.exe windows x86

cf7a9668a4909a751d56cab006fee2b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawIcon
GetCursorPos
OpenDesktopA
GetWindowLongA
LoadCursorA
FindWindowExA
SetThreadDesktop
SetProcessWindowStation
MsgWaitForMultipleObjects
GetKeyState
GetKeyboardState
EndDialog
GetWindowThreadProcessId
GetWindowTextA
CloseWindowStation
ToUnicode
CharLowerBuffA

shlwapi

SHDeleteKeyA
wnsprintfA
StrCmpNIW
PathRemoveFileSpecW
PathCombineW
PathFileExistsW
wvnsprintfW
PathFindFileNameW
PathMatchSpecW
wvnsprintfA
wnsprintfW

kernel32

HeapReAlloc
SetFileTime
FindClose
VirtualProtect
lstrlenA
OpenMutexW
GetFileSize
GetDiskFreeSpaceW
GetLocalTime
FindResourceW
CreateMutexW
CreateProcessW
TryEnterCriticalSection
MultiByteToWideChar
VirtualAlloc
GetFileSizeEx
GetSystemTime
lstrcmpiA
GetTickCount
CopyFileW
FindFirstFileW
LeaveCriticalSection
GetModuleFileNameW
GetModuleHandleA
UnmapViewOfFile
MulDiv
FindNextFileW
ReleaseMutex

advapi32

CryptDestroyHash
CryptGetHashParam
RegQueryValueExA
CryptReleaseContext
RegCloseKey
RegDeleteValueA
CryptAcquireContextW
CryptCreateHash

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf7a9668a4909a751d56cab006fee2b5

Headers

DLL Characteristics

File Characteristics

Imports

user32

shlwapi

kernel32

advapi32

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 20KB