e698b6cbc3b4c818d23b86937fa61e3ac91cd44ccba7873483852cedbded732a

Sharing

Copy URL

Twitter E-mail

General

Target

e698b6cbc3b4c818d23b86937fa61e3ac91cd44ccba7873483852cedbded732a
Size

164KB
MD5

bd7da8c04404fbd239390576535cbdb0
SHA1

ced2324af05a60c9a3129e3f52323d8c6b435873
SHA256

e698b6cbc3b4c818d23b86937fa61e3ac91cd44ccba7873483852cedbded732a
SHA512

76d60b6301314c6e94bf67f00cfd9215b2668ce91644b8a8604bee30c26cd5f9a5df87073e0a9357ed370f51ac1a20b0691da6a369a0df38d2cf2f14afbf2ccb
SSDEEP

3072:BShnUuEuKzr28QnCg+wmLBeHXzA1atxlQvC6wbJB2s9X7dhU9wkiYOUyvB5gGnJQ:BS9UuEuKzr28QnCHwGBEzA1atxyvqb+i

Score

N/A

Malware Config

Signatures

Files

e698b6cbc3b4c818d23b86937fa61e3ac91cd44ccba7873483852cedbded732a
.exe windows x86

2e1ac89e9054c7137a9952d457aa1c07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
Process32First
Process32Next
RemoveDirectoryA
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
Module32First
SetLastError
Sleep
TerminateProcess
UnmapViewOfFile
OpenFile
VirtualFree
WaitForSingleObject
WinExec
MapViewOfFile
LocalAlloc
GetWindowsDirectoryA
GetVersionExA
GetUserDefaultLangID
GetSystemDirectoryA
GetStartupInfoA
GetShortPathNameA
GetProcAddress
GetPrivateProfileStringA
MultiByteToWideChar
VirtualAlloc
MoveFileExA
GetModuleHandleA
GetLastError
GetFullPathNameA
GetFileSize
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
GetCurrentDirectoryA
GetComputerNameA
FreeLibrary
FormatMessageA
FindNextFileA
FindFirstFileA
FindClose
ExitProcess
DeviceIoControl
DeleteFileA
CreateToolhelp32Snapshot
CreateProcessA
CreateFileMappingA
CreateFileA
CreateDirectoryA
CopyFileA
SetFilePointer
CloseHandle

shlwapi

PathIsDirectoryA

user32

CopyRect
GetWindowInfo
GetSystemMetrics
SendMessageA
GetWindowRect
SetWindowPos
SetUserObjectSecurity
SetDlgItemTextA
SetCapture
MessageBoxA
LoadStringA
CreateCursor
IsDlgButtonChecked
DialogBoxParamA
EnableWindow
EndDialog
GetDlgItem
GetParent

shell32

ShellExecuteW
SHGetSpecialFolderPathA

ole32

CoUninitialize
CoInitialize

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

advapi32

OpenServiceA
CloseServiceHandle
AllocateAndInitializeSid
AdjustTokenPrivileges
AddAccessAllowedAce
AccessCheck
OpenThreadToken
QueryServiceStatus
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RevertToSelf
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
DeleteService
SetSecurityDescriptorOwner
FreeSid
GetLengthSid
GetUserNameA
ImpersonateSelf
InitializeAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
ControlService

comdlg32

dwLBSubclass
WantArrows
Ssync_ANSI_UNICODE_Struct_For_WOW
CommDlgExtendedError
LoadAlterBitmap

gdi32

FrameRgn
GetPolyFillMode

setupapi

CM_Is_Dock_Station_Present_Ex
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiClassGuidsFromNameA
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupDiDestroyDriverInfoList
SetupDiEnumDriverInfoA
SetupDiGetClassDevsA
SetupDiSetDeviceRegistryPropertyA

Exports

Exports

Alloc
BrowseForFolderW
GetDatabaseInfo
HriCreatePhonebookEntry
PszAllocA
Rollback
Term2

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e1ac89e9054c7137a9952d457aa1c07

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

user32

shell32

ole32

version

advapi32

comdlg32

gdi32

setupapi

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 107KB - Virtual size: 106KB

.data Size: 13KB - Virtual size: 14KB

.rsrc Size: 512B - Virtual size: 186B

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 107KB - Virtual size: 106KB

.data
Size: 13KB - Virtual size: 14KB

.rsrc
Size: 512B - Virtual size: 186B