ddcf57ea6dd86d87143f77debf01debc323ddc8a2204e2f78d06e477aa33b40f

Sharing

Copy URL Twitter E-mail

General

Target

ddcf57ea6dd86d87143f77debf01debc323ddc8a2204e2f78d06e477aa33b40f
Size

155KB
MD5

a7fa065e56a87564734a877faeb4d54d
SHA1

9c4790355f9c3f75f489212c23789eeddf9abbbf
SHA256

ddcf57ea6dd86d87143f77debf01debc323ddc8a2204e2f78d06e477aa33b40f
SHA512

fcec115f24e7796fe8be017a371b523f3f864204855372e11ff422016e5d0c0dde2e0261ca18d7d59dc3d7330498250283927438de9a5756c9b2e50e84add5b9
SSDEEP

3072:8dm02GgB9EHuiRp/0GhZl+XtHKuDf5SSIdR359OtFMOxJT9:2mTGOEOiH/0Gh+t39Iz359Omc9

Score

N/A

Malware Config

Signatures

Files

ddcf57ea6dd86d87143f77debf01debc323ddc8a2204e2f78d06e477aa33b40f
.exe windows x86

2e1ac89e9054c7137a9952d457aa1c07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
Process32First
Process32Next
RemoveDirectoryA
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
Module32First
SetLastError
Sleep
TerminateProcess
UnmapViewOfFile
OpenFile
VirtualFree
WaitForSingleObject
WinExec
MapViewOfFile
LocalAlloc
GetWindowsDirectoryA
GetVersionExA
GetUserDefaultLangID
GetSystemDirectoryA
GetStartupInfoA
GetShortPathNameA
GetProcAddress
GetPrivateProfileStringA
MultiByteToWideChar
VirtualAlloc
MoveFileExA
GetModuleHandleA
GetLastError
GetFullPathNameA
GetFileSize
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
GetCurrentDirectoryA
GetComputerNameA
FreeLibrary
FormatMessageA
FindNextFileA
FindFirstFileA
FindClose
ExitProcess
DeviceIoControl
DeleteFileA
CreateToolhelp32Snapshot
CreateProcessA
CreateFileMappingA
CreateFileA
CreateDirectoryA
CopyFileA
SetFilePointer
CloseHandle

shlwapi

PathIsDirectoryA

user32

CopyRect
GetWindowInfo
GetSystemMetrics
SendMessageA
GetWindowRect
SetWindowPos
SetUserObjectSecurity
SetDlgItemTextA
SetCapture
MessageBoxA
LoadStringA
CreateCursor
IsDlgButtonChecked
DialogBoxParamA
EnableWindow
EndDialog
GetDlgItem
GetParent

shell32

ShellExecuteW
SHGetSpecialFolderPathA

ole32

CoUninitialize
CoInitialize

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

advapi32

OpenServiceA
CloseServiceHandle
AllocateAndInitializeSid
AdjustTokenPrivileges
AddAccessAllowedAce
AccessCheck
OpenThreadToken
QueryServiceStatus
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RevertToSelf
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
DeleteService
SetSecurityDescriptorOwner
FreeSid
GetLengthSid
GetUserNameA
ImpersonateSelf
InitializeAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
ControlService

comdlg32

dwLBSubclass
WantArrows
Ssync_ANSI_UNICODE_Struct_For_WOW
CommDlgExtendedError
LoadAlterBitmap

gdi32

FrameRgn
GetPolyFillMode

setupapi

CM_Is_Dock_Station_Present_Ex
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiClassGuidsFromNameA
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupDiDestroyDriverInfoList
SetupDiEnumDriverInfoA
SetupDiGetClassDevsA
SetupDiSetDeviceRegistryPropertyA

Exports

Exports

Alloc
BrowseForFolderW
GetDatabaseInfo
HriCreatePhonebookEntry
PszAllocA
Rollback
Term2

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 399B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e1ac89e9054c7137a9952d457aa1c07

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

user32

shell32

ole32

version

advapi32

comdlg32

gdi32

setupapi

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 99KB - Virtual size: 98KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 512B - Virtual size: 399B

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 99KB - Virtual size: 98KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 512B - Virtual size: 399B