7802c9de228ca6cd8b8ff993d7b499f6f196a8a31c7cac8cad298fbfa1696d8a

Sharing

Copy URL

Twitter E-mail

General

Target

7802c9de228ca6cd8b8ff993d7b499f6f196a8a31c7cac8cad298fbfa1696d8a
Size

213KB
MD5

6b44abc3b37ced115f31d10d6d872066
SHA1

0872f1f923643f89e4bb23a3ad132a829dd9ba78
SHA256

7802c9de228ca6cd8b8ff993d7b499f6f196a8a31c7cac8cad298fbfa1696d8a
SHA512

4bbd49e4c410c241496b17b23a5e4a0f40ca5c25571e7de2bc327b74601a8dc2198894eafbee6f4a1d8629a911ba3491e22d173159ac5a0dc99591cb851ebeb5
SSDEEP

6144:ASK21nINSLVFqDmg/AMdLrJYudbdQR6c4uspkY:L1nINS7qBdLZc47x

Score

N/A

Malware Config

Signatures

Files

7802c9de228ca6cd8b8ff993d7b499f6f196a8a31c7cac8cad298fbfa1696d8a
.exe windows x86

8b447b72941b7dcbe6cc36bd663418c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
GetTempPathA
GetComputerNameW
IsDBCSLeadByte
AddAtomW
ReleaseSemaphore
GetCurrentDirectoryW
CreateFileMappingW
LoadResource
FindResourceA
CreateProcessW
ExitProcess
FileTimeToLocalFileTime
SetThreadPriority
CreateFileMappingA
ResumeThread
GetLastError
CreateDirectoryA
ExpandEnvironmentStringsA
LockResource
DeviceIoControl
LoadLibraryExA
GetCurrentProcess
SizeofResource
RaiseException
FindNextFileA
OutputDebugStringW
CopyFileW
GetExitCodeProcess
VirtualAlloc
CreateMutexW
WriteConsoleW
VirtualFree
CreateMutexA
GetCommandLineW
IsBadCodePtr
GetFullPathNameW
GetWindowsDirectoryW
MulDiv
lstrcatW

user32

InvalidateRect
GetSystemMetrics
SetWindowLongW
TranslateMessage
GetDC
ReleaseDC
GetParent
PostMessageW
LoadStringW
MessageBoxA
PostQuitMessage
SetWindowLongA
CharNextA
CharNextW
ShowWindow
GetWindowLongA
wsprintfW
GetClientRect
SetWindowPos
CreateWindowExA
GetWindowLongW
EndPaint
GetDlgItem
SetFocus
GetSysColor
KillTimer
SetTimer
EnableWindow
MessageBoxW
UpdateWindow
GetDesktopWindow
DestroyWindow
GetWindowRect
SetCursor
IsWindow
wsprintfA
DispatchMessageA

oleaut32

SafeArrayGetUBound
SysFreeString
SysAllocStringByteLen
VariantChangeType
SafeArrayCreate
SysStringByteLen
LoadTypeLib
SysStringLen
GetActiveObject
CreateErrorInfo
SysReAllocStringLen
SafeArrayPtrOfIndex
RegisterTypeLib
SafeArrayAccessData
SetErrorInfo
LoadTypeLibEx
SafeArrayUnaccessData
VariantInit
GetErrorInfo
SysAllocStringLen
SafeArrayPutElement
OleLoadPicture
VariantClear
SafeArrayGetElement
VariantChangeTypeEx
SafeArrayGetLBound
VariantCopy

rpcrt4

NDRSContextMarshallEx
NDRCContextBinding
NDRcopy
DceErrorInqTextW
CStdStubBuffer_CountRefs
MesInqProcEncodingId
MesBufferHandleReset
MesEncodeFixedBufferHandleCreate
NdrConformantStructBufferSize
NdrAsyncServerCall
MesHandleFree
MesDecodeIncrementalHandleCreate
NdrByteCountPointerFree
NDRCContextMarshall
NdrByteCountPointerUnmarshall
NdrAllocate
DllGetClassObject
DllRegisterServer
NdrClientInitialize
CreateStubFromTypeInfo
NDRSContextMarshall
NdrByteCountPointerBufferSize
MesIncrementalHandleReset
NdrAsyncClientCall

msvcrt

wcsncmp
strtol
wcsncpy
wcscmp
_chdir
_iob
_itow
rand
_local_unwind2
realloc
wcslen
_initterm
fwrite
_onexit
__dllonexit
_wtoi
_snwprintf
free
__isascii
_adjust_fdiv
_except_handler3
swprintf
_ftol

advapi32

AllocateAndInitializeSid
RegSetValueExA
RegOpenKeyExW
RegDeleteValueA
RegCloseKey
RegQueryInfoKeyW
RegEnumValueW
CloseServiceHandle
OpenThreadToken
RegCreateKeyExW
OpenProcessToken
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyA
RegSetValueExW
RegDeleteValueW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyW
GetTokenInformation
InitializeSecurityDescriptor
FreeSid
RegEnumKeyExA

shell32

PickIconDlg
PifMgr_OpenProperties
SHChangeNotifyRegister
RestartDialog
SHDefExtractIconW
DriveType
IsNetDrive
GetFileNameFromBrowse
DllInstall
DllUnregisterServer
DllCanUnloadNow
DllGetVersion
SHChangeNotifyDeregister
Shell_GetImageLists
SHCoCreateInstance
SHStartNetConnectionDialogW
DllRegisterServer
PathQualify
Shell_GetCachedImageIndex
SHGetSetSettings
PathResolve
DragAcceptFiles
DAD_DragEnterEx
IsLFNDrive
DAD_DragMove
Shell_MergeMenus
SHILCreateFromPath
DAD_DragLeave
DragFinish
DllGetClassObject

version

VerFindFileW
GetFileVersionInfoSizeW
VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoW

gdi32

CreateDIBitmap
GetObjectA
CreateCompatibleDC
SelectClipRgn
ExtTextOutA
GetTextMetricsA
LineTo
CreatePen
DeleteObject
SelectPalette
CreateFontIndirectA
SetBkColor
CreateRectRgn
RealizePalette
MoveToEx
SelectObject
RestoreDC
DeleteDC
CreatePalette
GetSystemPaletteEntries
CreateSolidBrush
UnrealizeObject
SaveDC
GetStockObject
GetTextExtentPointA
SetTextColor
GetDeviceCaps

shlwapi

AssocGetPerceivedType

Sections

.textbss
Size: - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 509B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b447b72941b7dcbe6cc36bd663418c3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

oleaut32

rpcrt4

msvcrt

advapi32

shell32

version

gdi32

shlwapi

Sections

.textbss Size: - Virtual size: 436KB

.text Size: 512B - Virtual size: 509B

.idata Size: 137KB - Virtual size: 137KB

.data Size: 18KB - Virtual size: 18KB

.debug Size: 15KB - Virtual size: 14KB

.rdata Size: 18KB - Virtual size: 18KB

.rsrc Size: 22KB - Virtual size: 21KB

.textbss
Size: - Virtual size: 436KB

.text
Size: 512B - Virtual size: 509B

.idata
Size: 137KB - Virtual size: 137KB

.data
Size: 18KB - Virtual size: 18KB

.debug
Size: 15KB - Virtual size: 14KB

.rdata
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 22KB - Virtual size: 21KB