710614dcb009c08e02c1f1755cc0d65438520da28200f7cdfe5fa32fffdc9397

Sharing

Copy URL Twitter E-mail

General

Target

710614dcb009c08e02c1f1755cc0d65438520da28200f7cdfe5fa32fffdc9397
Size

705KB
MD5

6fd02ecff7c5751aec76ec27ae8a1b7d
SHA1

f4ea9f34d5d16bc87df13dd71083fff642e40715
SHA256

710614dcb009c08e02c1f1755cc0d65438520da28200f7cdfe5fa32fffdc9397
SHA512

291ee973264a01a5b23434cb34c756e2f028e218417f1602214884b2209f4e8d74395a6d76d5ee2c8ba07bcffa33602dd1046171d91476b2ba1d849be17ab4a2
SSDEEP

12288:jIf63OLR5y6ITMEmslxgHnp8SDc1w5Ql2gMda:jhCy6iA6yHphcu5w

Score

N/A

Malware Config

Signatures

Files

710614dcb009c08e02c1f1755cc0d65438520da28200f7cdfe5fa32fffdc9397
.exe windows x86

0725c9dbf79c7105d368f175727dc8e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

DestroyPropertySheetPage
ImageList_Read
CreateToolbarEx
ImageList_LoadImageA
InitCommonControls
ImageList_GetDragImage
ImageList_DrawEx
PropertySheetW
ImageList_BeginDrag
ImageList_DragMove

setupapi

SetupDiInstallDevice
SetupDiGetDriverInfoDetailA
CM_Get_DevNode_Status_Ex
SetupDiCreateDevRegKeyW
SetupDiSetDeviceInstallParamsW
SetupDiClassNameFromGuidW
SetupQueueCopyW
SetupDiSetDriverInstallParamsW

msvcrt

_mbsnicmp
toupper
_wcsdup
_mbscmp
ungetc
wcschr
isupper
_osver
_exit
remove
_mbsicmp

user32

MBToWCSEx
VkKeyScanExW
GetWindowDC
GetTaskmanWindow
AdjustWindowRectEx
GetClipboardViewer
DrawIconEx
FindWindowExA
EnableMenuItem
SendMessageW
SetDlgItemInt
LoadLocalFonts
ValidateRect

kernel32

GetLargestConsoleWindowSize
WriteConsoleW
VirtualAlloc
GlobalGetAtomNameW
ExpandEnvironmentStringsA
QueryInformationJobObject
CreateTimerQueueTimer
ReplaceFileW
GetConsoleMode
SetVolumeLabelA
Thread32Next
GetBinaryTypeA
OpenFileMappingW
EnumResourceLanguagesW
SetFileAttributesW
CreateProcessW

netapi32

NetpIsRemote
NetGroupAddUser
NetApiBufferAllocate
NetGroupAdd
DsRoleFreeMemory
NetUnjoinDomain
NetLocalGroupDelMember
NetLocalGroupGetInfo
NetGetAnyDCName
NetServerDiskEnum
NetSessionDel
NetGetJoinInformation
NetpwNameValidate
NetLocalGroupEnum
NetShareDel

advapi32

InitializeSecurityDescriptor
RegQueryMultipleValuesW
ElfReportEventW
CreateProcessWithLogonW
WmiExecuteMethodW
OpenSCManagerW
ElfRegisterEventSourceW
SetTokenInformation
AccessCheckAndAuditAlarmA
DuplicateToken

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 373KB - Virtual size: 573KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 87KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0725c9dbf79c7105d368f175727dc8e4

Headers

File Characteristics

Imports

comctl32

setupapi

msvcrt

user32

kernel32

netapi32

advapi32

Sections

.text Size: 9KB - Virtual size: 8KB

INIT Size: 89KB - Virtual size: 92KB

.idata Size: 373KB - Virtual size: 573KB

.data Size: 87KB - Virtual size: 256KB

.rsrc Size: 145KB - Virtual size: 144KB

.reloc Size: 512B - Virtual size: 182B

.text
Size: 9KB - Virtual size: 8KB

INIT
Size: 89KB - Virtual size: 92KB

.idata
Size: 373KB - Virtual size: 573KB

.data
Size: 87KB - Virtual size: 256KB

.rsrc
Size: 145KB - Virtual size: 144KB

.reloc
Size: 512B - Virtual size: 182B