8ca6163ca8f330b8c8c3be37d1665a5fc8eac0682d52303e17c2679613ad00ee

Sharing

Copy URL Twitter E-mail

General

Target

8ca6163ca8f330b8c8c3be37d1665a5fc8eac0682d52303e17c2679613ad00ee
Size

147KB
MD5

7d5f833a58f0053c98eb98cfe7f36c94
SHA1

0a6b55fba2be2a9c00b9a52b8cb3f95a08287da2
SHA256

8ca6163ca8f330b8c8c3be37d1665a5fc8eac0682d52303e17c2679613ad00ee
SHA512

9c84118fed7e028c2da140b85212f86bd65657c3f60691a329df78b40805dce5d4fb0f926dbe9d76ba34df6f95c416be111a059259f871c97703927606553669
SSDEEP

3072:szNN9hh3531DtEGkTfJx+lgBSovkJVoPXKJo46e/VfKtCTVg6t:sRF7VeTfJJBSoMJVdv/hdTV

Score

N/A

Malware Config

Signatures

Files

8ca6163ca8f330b8c8c3be37d1665a5fc8eac0682d52303e17c2679613ad00ee
.exe windows x86

f6d58f09f059a686b30e58e649ce0249

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TrackPopupMenu
ScreenToClient
AppendMenuA
SetFocus
CloseClipboard
CreatePopupMenu
SetWindowPos
IsWindowEnabled
IsIconic
GetWindowDC
SetWindowTextA
CallWindowProcA
GetDlgItemTextA
wsprintfA
GetActiveWindow
GetSysColorBrush
MoveWindow
IsDlgButtonChecked
DestroyIcon
GetClassInfoA
EndDialog
EnableWindow
GetClipboardData
CheckMenuRadioItem
GetParent
OpenClipboard
EnumClipboardFormats
wvsprintfA
SetDlgItemTextA
CharUpperA
SendDlgItemMessageA
SetWindowLongA
SetClassLongA
GetDlgItem
InvalidateRect
LoadCursorA
SetClipboardData
DestroyCursor
ShowWindow
CharLowerA
GetWindowRect

kernel32

GetModuleFileNameA
VirtualFree
CreateProcessA
TerminateProcess
VirtualQueryEx
lstrlenA
SetPriorityClass
CloseHandle
GetProcAddress
MulDiv
GetCommandLineA
GetCurrentProcess
ResumeThread
GlobalAlloc
OpenProcess
lstrcmpiA
CreateFileA
UnmapViewOfFile
CopyFileA
MapViewOfFile
GetPriorityClass
VirtualUnlock
VirtualQuery
WriteFile
GetCurrentThread
lstrcatA
GetCurrentProcessId
WideCharToMultiByte
WaitForMultipleObjects
lstrcmpA
CreatePipe
SetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
GlobalUnlock
FindNextFileA
GetFileSize
Sleep
VirtualLock
LoadLibraryA
GetVersion
GetPrivateProfileStructA
VirtualAlloc
ReadProcessMemory
FindFirstFileA
FindClose
IsBadReadPtr
CreateFileMappingA
OutputDebugStringA
lstrcpynA
GlobalLock
IsProcessorFeaturePresent
VirtualProtectEx
GetModuleHandleA
ReadFile
WritePrivateProfileStructA

advapi32

RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
RegSetValueExA

msvcrt

free
_timezone
_except_handler3
realloc
strchr
malloc
gmtime
toupper
mktime
asctime
strncmp

dpnlufat

_Stof
_Cosh
_LExp
_FSinh
_FCosh
_LRteps
_FExp
_Getcvt
_LDscale
_Dscale
_FDenorm
_FDtest
_Mbrtowc
_Dnorm
_FDscale
_FDnorm
_LSinh
_Snan
_Tolower
_Exp
_Stold
_Denorm
_Rteps
_FNan
_Stod
_Nan
_LEps
_Eps
_Strxfrm
_LPoly
_Inf
_FInf
_Toupper
_Wcrtomb
_Xbig
_Getctype
_Poly
_LSnan
_FRteps
_FXbig
_Dtest
_FEps

shell32

SHGetFileInfoA
DragAcceptFiles
ShellExecuteA

comctl32

ImageList_Destroy
InitCommonControlsEx
ImageList_Remove
ImageList_Create
ImageList_Add

imagehlp

ImageNtHeader
BindImageEx
ImageRvaToSection
ImageRvaToVa

gdi32

CreateFontIndirectA
SetBkMode
SetTextColor
GetDeviceCaps
DeleteObject

comdlg32

GetSaveFileNameA

Sections

.text
Size: 133KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6d58f09f059a686b30e58e649ce0249

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

msvcrt

dpnlufat

shell32

comctl32

imagehlp

gdi32

comdlg32

Sections

.text Size: 133KB - Virtual size: 136KB

.rdata Size: 4KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 8KB

.rsrc Size: 3KB - Virtual size: 4KB

.text
Size: 133KB - Virtual size: 136KB

.rdata
Size: 4KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 3KB - Virtual size: 4KB