896dc34fc3b7760476c4487bbadd4a4583effc54766703c9c5450ce5fb1ff034

Sharing

Copy URL Twitter E-mail

General

Target

896dc34fc3b7760476c4487bbadd4a4583effc54766703c9c5450ce5fb1ff034
Size

289KB
MD5

4382cbd41339b59c544fc5dc47995656
SHA1

0ddd1f2530b299df98cf50b9aaa3e82ef2654067
SHA256

896dc34fc3b7760476c4487bbadd4a4583effc54766703c9c5450ce5fb1ff034
SHA512

a25111dd1770c8b8b3dc3a42fce2687417b5bcb6a4eb35acc3ee4b3a073888ada74c1113f7e1ce3fb222d1dc8b75d6f12daffcd0838f89d72d495c789928dcf9
SSDEEP

6144:g3qbAHG42WUXJgcbKox6gSyoFTamQBQqdzBcFTaVWQJ:g6ATaSoNMFTABQqfcFTaW6

Score

N/A

Malware Config

Signatures

Files

896dc34fc3b7760476c4487bbadd4a4583effc54766703c9c5450ce5fb1ff034
.exe windows x86

ea447673f9b0a360a8589277e9fd3b42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDeferWindowPos
MessageBoxExA
EnumThreadWindows
GetWindowRect
SendDlgItemMessageA
SetParent
GetDlgCtrlID
GetTopWindow
IsWindowUnicode
EndDialog
ShowWindow
GetWindowTextLengthA
SetDlgItemTextA
SetClipboardData
TranslateMessage
DispatchMessageA
LoadCursorA
CreateDialogIndirectParamA

advapi32

RegDeleteValueA
OpenBackupEventLogW
RegCreateKeyExA
AdjustTokenPrivileges
CloseEventLog
RegUnLoadKeyA
RegSetValueA
GetTokenInformation
RegEnumValueA
ClearEventLogA
NotifyChangeEventLog

kernel32

GetStartupInfoA
TlsSetValue
FreeEnvironmentStringsA
SuspendThread
OpenSemaphoreA
ResumeThread
TlsGetValue
GetCurrencyFormatA
GlobalMemoryStatus
LocalReAlloc
HeapValidate
GetACP
SetLocaleInfoA
VirtualQuery
HeapLock
GetCPInfo
GetUserDefaultLangID
OpenMutexA
GetPrivateProfileIntA
GetModuleHandleA
GetProcAddress
LocalHandle
LCMapStringA
VirtualAllocEx
OpenEventA

activeds

ord23
ord3
ord19
ord5
ord21
ord22
ord16
ord8
ord18
ord17

winscard

SCardListReadersA

wtsapi32

WTSSetUserConfigW
WTSQueryUserConfigW
WTSEnumerateServersW
WTSVirtualChannelRead
WTSDisconnectSession
WTSEnumerateSessionsA
WTSSetUserConfigA
WTSWaitSystemEvent
WTSVirtualChannelQuery
WTSEnumerateProcessesA
WTSFreeMemory
WTSVirtualChannelWrite
WTSQueryUserConfigA
WTSOpenServerA

msvcrt

_exit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea447673f9b0a360a8589277e9fd3b42

Headers

File Characteristics

Imports

user32

advapi32

kernel32

activeds

winscard

wtsapi32

msvcrt

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 266KB - Virtual size: 265KB

.data Size: 512B - Virtual size: 317KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 266KB - Virtual size: 265KB

.data
Size: 512B - Virtual size: 317KB

.rsrc
Size: 17KB - Virtual size: 16KB