70a45ce6dddc901026f01a3e48d3a096a860c2cec0a2de088348ea7ab7441edb

Sharing

Copy URL

Twitter E-mail

General

Target

70a45ce6dddc901026f01a3e48d3a096a860c2cec0a2de088348ea7ab7441edb
Size

647KB
MD5

4e6d96a691ab686c6e89ead26ec66cb4
SHA1

db369c8e98c5f5ab81405fb1096c1e66781e71c6
SHA256

70a45ce6dddc901026f01a3e48d3a096a860c2cec0a2de088348ea7ab7441edb
SHA512

a85cf7e6f0f39d397f88e2753b8a040e7aa7fac1d95778c3dbd33f7af79caf689d96c96dd75981b3a5906df25728700217730e16fa3d9bc9badcc323d1d92fe6
SSDEEP

12288:bwtZv5CggrTuk4p1SGPteP1zvFvubdkUwOQ+Uxim2Zi1ZB:EtLfg2LNlazmjweUxj2Cn

Score

N/A

Malware Config

Signatures

Files

70a45ce6dddc901026f01a3e48d3a096a860c2cec0a2de088348ea7ab7441edb
.exe windows x86

dcbf6d76ff51eddd8159c23a81cbfc37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
FreeEnvironmentStringsW
HeapReAlloc
InterlockedExchange
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LoadLibraryA
LoadLibraryW
LocalAlloc
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
RtlUnwind
SetFileAttributesW
SetFilePointer
SetHandleCount
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
VirtualAllocEx
ReadFile
GetWindowsDirectoryA
CreateFileW
FreeEnvironmentStringsA
FlushFileBuffers
FindNextFileW
FindFirstFileW
FindClose
ExitProcess
EnumSystemLocalesA
DeleteFileW
CreateSemaphoreW
CompareStringW
HeapFree
CloseHandle

user32

SetDlgItemTextW
SetFocus
SetWindowsHookExW
UnhookWindowsHookEx
WinHelpW
wsprintfW
LoadCursorW
LoadIconW
LoadIconA
SendMessageW
MessageBoxW
LoadStringW
GetDlgItemTextW
GetDlgItem
GetActiveWindow
ExitWindowsEx
EndDialog
EnableWindow
DialogBoxParamW
CharUpperW
CallNextHookEx
PostMessageW
SendDlgItemMessageW

gdi32

GetStockObject
GetObjectW
CreateFontIndirectW
DeleteObject

advapi32

RegDeleteValueW
RegOpenKeyExW
RegQueryValueW
RegQueryValueExW
RegCloseKey
RegOpenKeyW

shell32

ShellExecuteW

Sections

.text
Size: 628KB - Virtual size: 628KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dcbf6d76ff51eddd8159c23a81cbfc37

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 628KB - Virtual size: 628KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 284B

.rsrc Size: 13KB - Virtual size: 397KB

.text
Size: 628KB - Virtual size: 628KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 284B

.rsrc
Size: 13KB - Virtual size: 397KB