Static task: static1
Behavioral task: behavioral1
  Sample: 248562d1ee80da1ea66d356be7f18d9a55e2e108e2c6aba91414c11b8a7a521f.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 248562d1ee80da1ea66d356be7f18d9a55e2e108e2c6aba91414c11b8a7a521f.exe
  Resource: win10v2004-20221111-en
General
- Target: 248562d1ee80da1ea66d356be7f18d9a55e2e108e2c6aba91414c11b8a7a521f
- Size: 1.8MB
- MD5: dd097afc3133278c80cc1536a092f237
- SHA1: df15ca5756717045a170f7a12e377c4241d25fb3
- SHA256: 248562d1ee80da1ea66d356be7f18d9a55e2e108e2c6aba91414c11b8a7a521f
- SHA512: d018040ea5cc0707cbe34f6bd3fe072a049a480cdbcc3821d2a2d9a10e104af5641187c93f39ea2fab027ebfa09d389962fc3900a7ab2091f930ec5332699631
- SSDEEP: 12288:tlBQXqf4xeflhGHef2FwCHs/+pfGfz60wukE9Ao+53VfNszF4C/FdPlWAkUj7HqN:trH/nGHEhmkzv3t+3fqa4TwNoXmIG+4
Malware Config
Signatures
Files
- 248562d1ee80da1ea66d356be7f18d9a55e2e108e2c6aba91414c11b8a7a521f.exe windows x86
  a9677598a3004b9b04fd11f544516f9d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyW
RegQueryValueW
RegEnumValueW
RegQueryValueExW
GetUserNameW
RegEnumKeyW
RegOpenKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyExW
GetTokenInformation
OpenProcessToken
PrivilegeCheck
OpenThreadToken
LookupPrivilegeValueW
RegQueryValueExA
RegOpenKeyExA
kernel32
GetDateFormatW
GetQueuedCompletionStatus
TerminateThread
TerminateProcess
ResumeThread
ExitProcess
SetCurrentDirectoryW
GetProfileStringW
GetPrivateProfileStringW
GetModuleFileNameW
GetLocaleInfoW
CreateIoCompletionPort
lstrcmpiA
GetCurrentProcess
GetVersionExW
OpenEventW
GetSystemDefaultLCID
SetProcessShutdownParameters
ReleaseMutex
CreateMutexW
InitializeCriticalSection
RtlUnwind
GlobalAlloc
GetTimeFormatW
GetLocalTime
lstrcmpW
CreateThread
WaitForSingleObject
InterlockedExchange
GlobalFree
FormatMessageW
CreateProcessW
SetLastError
GetLastError
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
IsBadCodePtr
CreateEventW
SetEvent
GetWindowsDirectoryW
LoadLibraryW
GetProcAddress
MoveFileW
FindFirstFileW
lstrcpynW
FindNextFileW
FindClose
GetFileAttributesW
GlobalGetAtomNameW
CloseHandle
EnterCriticalSection
LeaveCriticalSection
GetThreadPriority
GetTickCount
lstrcatW
GetCurrentThread
SetThreadPriority
GetUserDefaultLangID
lstrcmpiW
Sleep
MultiByteToWideChar
GetVersionExA
GetSystemDirectoryW
lstrlenW
GetModuleHandleW
LocalFree
LocalAlloc
lstrcpyW
GetCommandLineW
GetStartupInfoA
SetErrorMode
FreeLibrary
IsBadReadPtr
LoadLibraryA
RaiseException
GetUserDefaultLCID
GetModuleHandleA
gdi32
GetStockObject
SetTextColor
TranslateCharsetInfo
CreateRectRgnIndirect
GetTextExtentPointW
GetDeviceCaps
BitBlt
SetBkColor
GetObjectW
CreateFontIndirectW
GetClipBox
ExtTextOutW
DeleteObject
CreateCompatibleDC
GetDCOrgEx
SelectObject
DeleteDC
CreateCompatibleBitmap
user32
DrawEdge
ExitWindowsEx
ModifyMenuW
SetMenuDefaultItem
DeleteMenu
ClientToScreen
LoadIconW
RemovePropW
SetPropW
FindWindowW
MsgWaitForMultipleObjects
AppendMenuW
CreatePopupMenu
GetMenuDefaultItem
InsertMenuItemW
EndPaint
BeginPaint
SetWindowTextW
SetCursorPos
DrawFocusRect
EnumDisplaySettingsW
GetClassNameW
PaintDesktop
UnregisterClassW
CharNextW
GetShellWindow
MessageBoxW
CharUpperBuffW
SetMenuItemInfoW
SwitchToThisWindow
IsHungAppWindow
InternalGetWindowText
PostThreadMessageW
RegisterHotKey
UnregisterHotKey
PostQuitMessage
MessageBeep
GetActiveWindow
IsMenu
EnumWindows
GetMenuItemInfoW
SetWindowRgn
MoveWindow
SendMessageTimeoutW
SendDlgItemMessageW
IsDlgButtonChecked
CheckDlgButton
AdjustWindowRectEx
SubtractRect
SetActiveWindow
wsprintfW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
WaitMessage
LoadAcceleratorsW
LoadBitmapW
SendNotifyMessageW
SetWindowPlacement
CallWindowProcW
SetCapture
CopyRect
LoadImageW
DestroyIcon
LoadMenuW
GetSubMenu
RemoveMenu
RegisterClassW
IsChild
IsWindowEnabled
GetKeyState
GetFocus
GetSysColor
UnionRect
EqualRect
GetWindowThreadProcessId
InflateRect
RedrawWindow
GetClientRect
PeekMessageW
MapWindowPoints
SetScrollPos
RegisterWindowMessageW
EnumChildWindows
InsertMenuW
GetWindow
IsWindow
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
LoadStringW
SetRectEmpty
PtInRect
SetTimer
SetWindowPos
GetWindowRect
SetRect
DestroyWindow
InvalidateRect
UpdateWindow
GetDC
ShowWindow
ReleaseDC
GetWindowLongW
LoadCursorW
SetCursor
GetParent
SetFocus
GetCursorPos
WindowFromPoint
ScreenToClient
GetAsyncKeyState
EndDialog
SetWindowLongW
SendMessageW
GetDlgItem
EnableWindow
GetMenuItemID
EnableMenuItem
SetForegroundWindow
TrackPopupMenu
GetClassInfoExW
DefWindowProcW
RegisterClassExW
CreateWindowExW
KillTimer
GetLastActivePopup
IsWindowVisible
IsRectEmpty
SetScrollInfo
CharNextA
GetWindowLongA
GetMessagePos
ShowWindowAsync
GetForegroundWindow
GetMenuState
TrackPopupMenuEx
DestroyMenu
SystemParametersInfoW
GetDesktopWindow
CascadeWindows
TileWindows
PostMessageW
SendMessageCallbackW
GetSystemMenu
GetMenuItemCount
EndTask
GetScrollInfo
DrawCaptionTempW
GetDlgCtrlID
IsZoomed
shlwapi
ord169
PathFindFileNameW
ord94
PathCombineW
ord236
SHRegGetUSValueW
ord241
ord244
ord356
StrStrIW
PathRemoveArgsW
PathRemoveBlanksW
StrCmpNIW
SHDeleteKeyW
ord460
PathGetArgsW
PathUnquoteSpacesW
ord467
StrCpyW
ord164
ord165
wnsprintfW
ord204
StrToIntW
ord260
PathAppendW
ord10
StrStrW
PathGetDriveNumberW
PathFileExistsW
PathStripToRootW
StrChrW
PathRemoveFileSpecW
StrCatBuffW
ord292
PathIsDirectoryW
PathFindExtensionW
ord8
ord9
ord279
SHRegGetBoolUSValueW
SHRegSetUSValueW
ord174
ord172
ord437
SHSetValueW
SHGetValueW
ord16
ord413
SHOpenRegStream2W
ord346
StrCmpIW
ord433
comctl32
ord324
ord329
ord323
ord322
ord320
ord325
ord332
CreatePropertySheetPageW
ord387
ord336
ord334
ord328
PropertySheetW
ord327
ord326
ImageList_Remove
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_Create
ImageList_GetIconSize
ord337
ord385
ord413
ord410
ord386
ord412
InitCommonControlsEx
ord321
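The import list above is the first thing a reviewer reads on a report like this: token and privilege APIs (OpenProcessToken, PrivilegeCheck, LookupPrivilegeValueW), process creation and termination, registry writes and deletes, session shutdown (ExitWindowsEx, EndTask) and LoadLibraryW/GetProcAddress all appear, alongside a large block of ordinal-only imports from shlwapi and comctl32 that cannot be categorised by name. The script below is an added example, not part of the report or its tooling: it parses a listing in the same layout as the Imports section (a bare DLL name line followed by one symbol per line), groups symbols per DLL, tags capabilities using co-occurrence rules, counts ordinal-only imports, and computes a pefile-style import hash. The excerpt is a constructed subset of the report's own imports; KNOWN_DLLS and CAPABILITY_RULES are this example's assumptions, and the hash routine does not resolve ordinals to names, so it will not reproduce whatever value a full tool reports for this file.

```python
"""Import-table triage over a report-style listing (added example)."""
import hashlib
import re
from collections import OrderedDict

# Constructed excerpt, copied from the report's Imports section in its layout:
# a bare DLL-name line, then one imported symbol per line.
IMPORT_LISTING = """\
advapi32
RegDeleteKeyW
RegSetValueExW
OpenProcessToken
GetTokenInformation
PrivilegeCheck
LookupPrivilegeValueW
kernel32
CreateProcessW
TerminateProcess
LoadLibraryW
GetProcAddress
IsBadCodePtr
user32
ExitWindowsEx
EndTask
EnumWindows
GetAsyncKeyState
RegisterHotKey
shlwapi
ord169
PathFindFileNameW
SHDeleteKeyW
comctl32
ord324
PropertySheetW
"""

# Assumption: the listing has no marker for DLL lines, so recognise them by name.
KNOWN_DLLS = {"advapi32", "kernel32", "user32", "gdi32", "shlwapi", "comctl32"}

# Heuristic rules (this example's own): a capability is tagged only when every
# API in the set is imported, which cuts noise from single incidental imports.
CAPABILITY_RULES = {
    "token/privilege inspection": {"OpenProcessToken", "GetTokenInformation", "LookupPrivilegeValueW"},
    "dynamic API resolution": {"LoadLibraryW", "GetProcAddress"},
    "process creation and termination": {"CreateProcessW", "TerminateProcess"},
    "registry modification": {"RegSetValueExW", "RegDeleteKeyW"},
    "session shutdown": {"ExitWindowsEx"},
    "window enumeration / forced close": {"EnumWindows", "EndTask"},
}


def parse_import_listing(text):
    """Group symbol lines under the DLL line that precedes them, in file order."""
    imports = OrderedDict()
    current = None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.lower() in KNOWN_DLLS:
            current = line.lower()
            imports.setdefault(current, [])
        elif current is None:
            raise ValueError(f"symbol before any DLL line: {line}")
        else:
            imports[current].append(line)
    return imports


def capabilities(imports):
    """Names of CAPABILITY_RULES whose whole API set is present (any DLL)."""
    present = {sym for syms in imports.values() for sym in syms}
    return sorted(name for name, need in CAPABILITY_RULES.items() if need <= present)


def ordinal_only(imports):
    """Ordinal imports per DLL; these need the DLL's export table to name them."""
    out = {}
    for dll, syms in imports.items():
        ords = [s for s in syms if re.fullmatch(r"ord\d+", s)]
        if ords:
            out[dll] = ords
    return out


def imphash(imports):
    """pefile-style import hash: md5 over comma-joined 'dll.symbol' entries,
    lowercased, DLL extension dropped, in import order. Simplified: ordinals
    are kept as 'ordN' rather than resolved to names as pefile does."""
    parts = []
    for dll, syms in imports.items():
        base = re.sub(r"\.(dll|ocx|sys)$", "", dll.lower())
        parts.extend(f"{base}.{s.lower()}" for s in syms)
    return hashlib.md5(",".join(parts).encode("ascii")).hexdigest()


if __name__ == "__main__":
    imps = parse_import_listing(IMPORT_LISTING)
    for dll, syms in imps.items():
        print(f"{dll}: {len(syms)} imports")
    print("capabilities:", capabilities(imps))
    print("ordinal-only:", ordinal_only(imps))
    print("imphash:", imphash(imps))
```

Capability tags are triage hints, not a verdict: the same API set, together with CascadeWindows, TileWindows, IsHungAppWindow and PropertySheetW seen in the full listing, is what a process- and window-management utility would import. Import order matters for the hash, which is why the parser preserves it.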
Sections
.text Size: 101KB - Virtual size: 101KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 139KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
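The section table is the oddest part of this report: .text is 101KB, yet .reloc is 1.6MB of a 1.8MB file and carries IMAGE_SCN_CNT_CODE and IMAGE_SCN_MEM_EXECUTE while also being marked discardable. A relocation section normally holds only fixup data and is flagged as initialized, discardable, read-only data, so a reviewer would want a mechanical check that surfaces this. The script below is an added example, not tooling from the report or from any sandbox vendor: it decodes raw IMAGE_SECTION_HEADER records with struct, names the characteristic bits, and applies a few anomaly rules (execute outside .text, write+execute, discardable+execute, a section several times larger than .text, virtual size far above raw size). The embedded table is constructed to mirror the four sections listed above with their rounded sizes and flags; the virtual addresses and raw-data offsets are placeholders, since the report does not give them, and the ratio thresholds are this example's own choice.

```python
"""Section-table triage for a PE file (added example, not report tooling)."""
import struct

# IMAGE_SECTION_HEADER characteristics bits, from the PE/COFF specification.
IMAGE_SCN_CNT_CODE             = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_DISCARDABLE      = 0x02000000
IMAGE_SCN_MEM_EXECUTE          = 0x20000000
IMAGE_SCN_MEM_READ             = 0x40000000
IMAGE_SCN_MEM_WRITE            = 0x80000000
FLAG_NAMES = [
    (IMAGE_SCN_CNT_CODE, "IMAGE_SCN_CNT_CODE"),
    (IMAGE_SCN_CNT_INITIALIZED_DATA, "IMAGE_SCN_CNT_INITIALIZED_DATA"),
    (IMAGE_SCN_MEM_DISCARDABLE, "IMAGE_SCN_MEM_DISCARDABLE"),
    (IMAGE_SCN_MEM_EXECUTE, "IMAGE_SCN_MEM_EXECUTE"),
    (IMAGE_SCN_MEM_READ, "IMAGE_SCN_MEM_READ"),
    (IMAGE_SCN_MEM_WRITE, "IMAGE_SCN_MEM_WRITE"),
]

# IMAGE_SECTION_HEADER (40 bytes, little-endian): Name[8], VirtualSize,
# VirtualAddress, SizeOfRawData, PointerToRawData, PointerToRelocations,
# PointerToLinenumbers, NumberOfRelocations, NumberOfLinenumbers, Characteristics.
SECTION_HEADER = struct.Struct("<8sIIIIIIHHI")


def decode_flags(flags):
    """Names of the characteristic bits set in `flags`, in bit order."""
    return [name for bit, name in FLAG_NAMES if flags & bit]


def parse_section_table(blob, count):
    """Decode `count` consecutive section headers from raw bytes."""
    sections = []
    for i in range(count):
        fields = SECTION_HEADER.unpack_from(blob, i * SECTION_HEADER.size)
        name, vsize, vaddr, rawsize, rawptr = fields[:5]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "virtual_address": vaddr,
            "raw_size": rawsize, "raw_ptr": rawptr, "flags": fields[9],
        })
    return sections


def find_anomalies(sections, size_ratio=4.0):
    """Human-readable findings; an empty list means nothing stood out."""
    findings = []
    text = next((s for s in sections if s["name"] == ".text"), None)
    for s in sections:
        f, n = s["flags"], s["name"]
        if f & IMAGE_SCN_MEM_EXECUTE and f & IMAGE_SCN_MEM_WRITE:
            findings.append(f"{n}: writable and executable")
        if n != ".text" and f & (IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE):
            findings.append(f"{n}: code/execute flags outside .text")
        if f & IMAGE_SCN_MEM_DISCARDABLE and f & IMAGE_SCN_MEM_EXECUTE:
            findings.append(f"{n}: executable but marked discardable")
        if text and n != ".text" and s["raw_size"] > size_ratio * text["raw_size"]:
            findings.append(f"{n}: {s['raw_size'] // text['raw_size']}x larger than .text")
        if s["virtual_size"] > 2 * max(s["raw_size"], 1):
            findings.append(f"{n}: virtual size far exceeds raw size (filled at runtime?)")
    return findings


def build_header(name, vsize, vaddr, rawsize, rawptr, flags):
    """Pack one IMAGE_SECTION_HEADER; relocation/line-number fields left zero."""
    return SECTION_HEADER.pack(name.ljust(8, b"\0"), vsize, vaddr, rawsize, rawptr, 0, 0, 0, 0, flags)


KB = 1024
# Constructed table mirroring the report's four sections (rounded sizes and
# flags as listed); addresses and file offsets are placeholders.
SAMPLE_SECTION_TABLE = b"".join([
    build_header(b".text", 101 * KB, 0x1000, 101 * KB, 0x400,
                 IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    build_header(b".data", 2 * KB, 0x1B000, 2 * KB, 0x19A00,
                 IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    build_header(b".rsrc", 140 * KB, 0x1C000, 139 * KB, 0x1A200,
                 IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    build_header(b".reloc", 1638 * KB, 0x40000, 1638 * KB, 0x3D000,
                 IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE
                 | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
])


def triage_sample():
    """Run the anomaly rules over the constructed table."""
    return find_anomalies(parse_section_table(SAMPLE_SECTION_TABLE, 4))


if __name__ == "__main__":
    for s in parse_section_table(SAMPLE_SECTION_TABLE, 4):
        print(f"{s['name']:<8} raw={s['raw_size']:>8} virt={s['virtual_size']:>8} "
              f"{' | '.join(decode_flags(s['flags']))}")
    for finding in triage_sample():
        print("!!", finding)
```

On a real file, read the section table from the offset given by the PE header (e_lfanew + 24 + SizeOfOptionalHeader) and take the count from NumberOfSections in the COFF header; the checks themselves do not change. An executable .reloc this large is reason enough to pull the file into a disassembler and look at what the entry point does with that region, rather than treating the behavioral run as conclusive.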