c7000ba354f2d25154a0408b8b09b60dbf5f235bdff4a725d45ec356d979f345

Sharing

Copy URL Twitter E-mail

General

Target

c7000ba354f2d25154a0408b8b09b60dbf5f235bdff4a725d45ec356d979f345
Size

28KB
MD5

8bba01033f728d23262ab1803727a0a9
SHA1

5e50296fd6927633873b2b20fd3a4ff78dd279c2
SHA256

c7000ba354f2d25154a0408b8b09b60dbf5f235bdff4a725d45ec356d979f345
SHA512

24187efb6df390b8758cfc6f476c60e6d16478ead03dde19759823912741bf699677d22a120b2971025b5a432f9a6bf4300676278c6124116396e66999160d12
SSDEEP

384:7EBsQjPGtZqpo5BeGTiE6zNu4TMfuKtErATO0z3af5GZFZ0zJb8+dGb9UM:4NeOpo/eXERE0Txzqf5GZFZ0zJAZUM

Score

N/A

Malware Config

Signatures

Files

c7000ba354f2d25154a0408b8b09b60dbf5f235bdff4a725d45ec356d979f345
.exe windows x86

38e7accead1ba0c6f3109721af6627a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
GetUserDefaultLangID
GetNamedPipeInfo
MoveFileA
GlobalGetAtomNameA
lstrlenW
CreateThread
IsBadStringPtrA
WaitForSingleObject
GetTempPathW
GetCurrentThreadId
GetModuleHandleA
GetFullPathNameA
GetLongPathNameA
CreateMutexW
ReplaceFileA
SearchPathW
DuplicateHandle
GetVolumeInformationW
GetCurrentThread
FatalAppExitA
OpenEventW
CopyFileA
GetModuleHandleA
FatalAppExitW
FreeLibrary
GlobalFindAtomW
CreateEventW
WaitForMultipleObjects
OpenMutexW
SetCalendarInfoA
CreateDirectoryW
GetFullPathNameW
GetTempPathA
GetCurrentProcessId
GetProcAddress
DeleteAtom
OpenMutexA
GetStartupInfoA
CloseHandle
lstrlenA
lstrcpyn
BeginUpdateResourceA

user32

GetSystemMetrics
IsWindowEnabled
CreateDesktopA
CreateDialogParamW
EnumWindows
IsWindow
SetActiveWindow
CreateWindowExA
MessageBoxIndirectA
UpdateWindow
PeekMessageA
RegisterClassA
EnumChildWindows
GetMenuItemCount
FrameRect
GetClassLongW
CharNextA
InvalidateRgn
SetWindowLongW
GetClassNameW
IsChild
SetWindowLongA
EnumDesktopsA
RegisterClassExW
CreateAcceleratorTableA
ShowWindow
GetMenu
GetParent
GetForegroundWindow
DefFrameProcW
LoadCursorA
TrackPopupMenu
MessageBoxA
DefWindowProcW
CheckMenuItem
TrackPopupMenuEx
GetMenuInfo
SendDlgItemMessageW
LoadBitmapA
GetWindowLongA
GetCapture
CreatePopupMenu
LoadBitmapW
GetWindowLongW
GetKeyboardLayout
GetWindowTextLengthA
CloseWindow
GetCaretPos
EnumDesktopsW
DestroyMenu
DefDlgProcW

gdi32

FloodFill
SelectBrushLocal
SetSystemPaletteUse
EnumFontFamiliesA
GetObjectW
EndPage
CreateRoundRectRgn
GetPaletteEntries
SwapBuffers
CreateColorSpaceA
CreateEllipticRgn
GetPixel
OffsetViewportOrgEx
GetCharABCWidthsFloatW

advapi32

RegEnumKeyExW
RegReplaceKeyW
RegDeleteKeyW
RegDeleteKeyA
RegQueryMultipleValuesA
RegQueryValueExW

shell32

SHBrowseForFolderW
ExtractIconExA
SHGetSpecialFolderLocation
ShellExecuteExA
StrNCmpIW
DuplicateIcon
StrRStrIW
ShellExecuteEx

ole32

CoDeactivateObject
CoDosDateTimeToFileTime
OleLoad
CoFileTimeNow
OleCreate
CreateErrorInfo

opengl32

wglSetLayerPaletteEntries
glLightModelf
glTexCoord3d
glColor3i
glClearStencil
wglGetPixelFormat
glColorMask
glMap1f
glClearColor
glListBase

version

VerQueryValueW

urlmon

IsValidURL

winmm

joyGetThreshold
midiInReset
mciExecute
mciGetDeviceIDW
waveOutOpen
joyConfigChanged

winspool.drv

GetPrinterDriverDirectoryW
AbortPrinter
CommitSpoolData
EnumPrintersA

sqlunirl

_AppendMenu_@16

wsock32

WSACancelAsyncRequest
getservbyname
GetAddressByNameW
connect
GetServiceA
htons
getsockopt
WSAAsyncGetProtoByNumber
gethostbyname
WSAAsyncGetServByName
ntohs
GetAcceptExSockaddrs
rexec

Sections

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.*[t
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.`G
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.q@$
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38e7accead1ba0c6f3109721af6627a6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

opengl32

version

urlmon

winmm

winspool.drv

sqlunirl

wsock32

Sections

.rdata Size: 5KB - Virtual size: 4KB

.*[t Size: 1KB - Virtual size: 3KB

.text Size: 18KB - Virtual size: 17KB

.`G Size: 1024B - Virtual size: 1KB

.q@$ Size: 10KB - Virtual size: 10KB

.rsrc Size: 32KB - Virtual size: 31KB

.rdata
Size: 5KB - Virtual size: 4KB

.*[t
Size: 1KB - Virtual size: 3KB

.text
Size: 18KB - Virtual size: 17KB

.`G
Size: 1024B - Virtual size: 1KB

.q@$
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 32KB - Virtual size: 31KB