10125f7314f9bc4c69778f7afdfba1cbe22ec207ba2990b272bba2f23b4d92f7

Sharing

Copy URL

Twitter E-mail

General

Target

10125f7314f9bc4c69778f7afdfba1cbe22ec207ba2990b272bba2f23b4d92f7
Size

224KB
MD5

03a771943925a4c2112e0b0e94df3e80
SHA1

fd67fc1ea7f02a52811869edcbb8055303a20033
SHA256

10125f7314f9bc4c69778f7afdfba1cbe22ec207ba2990b272bba2f23b4d92f7
SHA512

b8aadb8e3188770dbe3093b84db5c746052d00d6f4de470c76b7283d8d7574d434517e46ce6f24e9d70218ac6757e905ec7d3d6a24d5b432586629e4bb57f1cd
SSDEEP

3072:Nhba1qfXqC3X1UZqYEXMHLBKRrf51LfnNtMQXPvy5yiuwxfc1jPPLGPlKu5Jf5Ra:XLqC3FU4Tetif5BNiG35w5TKjn

Score

N/A

Malware Config

Signatures

Files

10125f7314f9bc4c69778f7afdfba1cbe22ec207ba2990b272bba2f23b4d92f7
.exe windows x86

7fcba508bee32ccab43ab4158107ed12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconA
DragQueryPoint
ShellAboutA
FindExecutableA
ShellExecuteExA
ExtractIconExA
ExtractAssociatedIconA
DragAcceptFiles

ole32

RegisterDragDrop
CoTaskMemAlloc
CoIsOle1Class
OleLockRunning
StgSetTimes
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CoReleaseMarshalData

advapi32

GetSidSubAuthorityCount
QueryServiceLockStatusW
RegOpenKeyExW
PrivilegeCheck
RegSaveKeyW
DeleteService
QueryServiceConfigW
GetNumberOfEventLogRecords
MakeSelfRelativeSD
SetFileSecurityA

kernel32

SetFilePointer
GetStringTypeW
GetConsoleCP
LoadLibraryW
HeapReAlloc
FlushFileBuffers
SetStdHandle
HeapSize
WriteConsoleW
HeapSetInformation
FormatMessageA
CreateFileMappingA
TransactNamedPipe
DeleteTimerQueue
lstrcpynW
LoadLibraryExW
GetLastError
GetFullPathNameA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
HeapCreate
GetDiskFreeSpaceA
GetLogicalDrives
GetCommandLineA
GetStartupInfoW
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
GetDriveTypeW
HeapFree
MultiByteToWideChar
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetProcAddress
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
LCMapStringW
CreateFileW
CloseHandle
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
IsProcessorFeaturePresent
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
RtlUnwind
GetCurrentDirectoryW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fcba508bee32ccab43ab4158107ed12

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 21KB

.rsrc Size: 156KB - Virtual size: 155KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 21KB

.rsrc
Size: 156KB - Virtual size: 155KB