834f96def807b70761bdd40d2f6d7993b81c62e08260bf98ed7fe5e06ddb6041

Sharing

Copy URL Twitter E-mail

General

Target

834f96def807b70761bdd40d2f6d7993b81c62e08260bf98ed7fe5e06ddb6041
Size

50KB
MD5

e818ecc90c372948238240d14e80e537
SHA1

c1b657af56cc9f841c5b611f5de9832a92d48bd5
SHA256

834f96def807b70761bdd40d2f6d7993b81c62e08260bf98ed7fe5e06ddb6041
SHA512

7c5054fc7212979fda17ee49f07500c07bf70f330778ca7b541870df296b7ed0ce9be0b7abcbc578c383ad553f13cfe7b43c08f181830a580e0e23e254285aa2
SSDEEP

1536:5/wm83zuz0nhwEZpdwBwrMBZUh36K896If+hRW66N:5/wm6Y0hwYpSwGZUJ6PAI2hh6

Score

N/A

Malware Config

Signatures

Files

834f96def807b70761bdd40d2f6d7993b81c62e08260bf98ed7fe5e06ddb6041
.exe windows x86

a2782aa798239a16c255618d17b4f0ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PostQueuedCompletionStatus
GetThreadLocale
SetFilePointerEx
GetProcessShutdownParameters
GetAtomNameW
CreateSocketHandle
BaseCleanupAppcompatCacheSupport
GetLocaleInfoW
SetConsoleMenuClose
GlobalDeleteAtom
SearchPathW
FindFirstFileA
HeapSummary
VirtualAlloc
LoadLibraryA
GetConsoleCommandHistoryW
GetEnvironmentStringsA
GetTimeZoneInformation
EnumCalendarInfoExW
CallNamedPipeA
FatalExit
ResumeThread
GetVolumePathNamesForVolumeNameW
SetCurrentDirectoryW
SetCommState
VerLanguageNameA
GlobalAddAtomW
AddLocalAlternateComputerNameA
GetConsoleAliasExesLengthW
PrivMoveFileIdentityW
FillConsoleOutputCharacterA
FlushViewOfFile
SetNamedPipeHandleState
LocalFlags

shlwapi

SHEnumKeyExW
PathRemoveFileSpecA
PathMakePrettyW
PathFindNextComponentW
StrFormatKBSizeA
PathRemoveBackslashW
DelayLoadFailureHook
SHRegDuplicateHKey
AssocCreate
PathCompactPathExW
UrlIsOpaqueW
StrCatBuffA
AssocQueryKeyW
PathRemoveArgsA
PathCanonicalizeA
PathGetCharTypeA
PathIsUNCServerShareA
PathFindExtensionW
PathUnExpandEnvStringsW
PathRemoveExtensionW
StrStrNIW
PathRenameExtensionA
StrRetToBSTR
StrNCatW
UrlIsOpaqueA
PathUndecorateA
PathIsDirectoryA
PathUndecorateW
SHRegGetUSValueA
UrlCombineW
PathMakePrettyA
StrCatW
StrCSpnA
SHRegGetPathW

msls31

LsGetReverseLsimethods
LsCreateContext
LsSqueezeSubline
LsDisplayLine
LsFindPrevBreakSubline
LssbGetObjDimSubline
LsdnModifyParaEnding
LsFetchAppendToCurrentSubline
LsQueryLinePointPcp
LsSetModWidthPairs
LsGetMinDurBreaks
LsdnSetRigidDup
LsDestroyContext
LsResetRMInCurrentSubline
LsdnFinishDelete
LsdnFinishByOneChar
LsSetExpansion
LsGetTatenakayokoLsimethods
LssbGetDurTrailWithPensInSubline
LssbFDoneDisplay
LsFinishCurrentSubline
LssbGetDurTrailInSubline
LsQueryPointPcpSubline
LsPointXYFromPointUV
LsdnSetAbsBaseLine
LsGetWarichuLsimethods
LsCreateLine
LsdnQueryObjDimRange
LssbGetVisibleDcpInSubline
LsdnQueryPenNode
LsEnumLine
LsAppendRunToCurrentSubline

user32

LoadIconW
CheckRadioButton
DestroyAcceleratorTable
DdeQueryNextServer
GetClassNameA
MessageBoxIndirectA
CtxInitUser32
ResolveDesktopForWOW
GetAltTabInfoW
CharUpperW
SetMenu
GetMenuStringA
UnhookWindowsHook
LoadBitmapA
GetScrollRange
SetWindowLongA
CharNextW
WCSToMBEx
EnumWindows
EndDeferWindowPos
CreateMenu
OemToCharBuffW
GetDialogBaseUnits
SetClipboardViewer
LockWindowUpdate

msvfw32

DrawDibStop
DrawDibRealize
MCIWndCreateA
ICDrawBegin
ICLocate
ICMThunk32
ICGetDisplayFormat
ICCompressorChoose
GetSaveFileNamePreviewA
ICDecompress
DrawDibChangePalette
ICSendMessage
ICDraw
DrawDibEnd
MCIWndCreate
DrawDibClose
MCIWndRegisterClass
ICInstall
DrawDibGetBuffer
ICCompressorFree
ICImageDecompress
ICInfo
StretchDIB
ICGetInfo
ICOpenFunction
GetOpenFileNamePreviewA
GetOpenFileNamePreviewW
ICSeqCompressFrame

msasn1

ASN1BEREncZeroMultibyteString
ASN1BERDecCheck
ASN1objectidentifier_cmp
ASN1CEREncChar32String
ASN1_GetDecoderOption
ASN1char32string_free
ASN1BEREoid2DotVal
ASN1BERDecOpenType
ASN1DecSetError
ASN1BEREncBitString
ASN1BERDecBitString2
ASN1BERDecZeroChar16String
ASN1intx_setuint32
ASN1intx2uint32
ASN1bitstring_free
ASN1uint32_uoctets
ASN1BERDecBool
ASN1BEREncNull
ASN1generalizedtime_cmp
ASN1BEREncExplicitTag
ASN1BERDecS32Val
ASN1CEREncBeginBlk
ASN1CEREncUTCTime
ASN1ztchar16string_cmp
ASN1BERDecOctetString2
ASN1BEREncSX

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2782aa798239a16c255618d17b4f0ab

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

msls31

user32

msvfw32

msasn1

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB