de759dc4b43492c8cc3c04865e04f48ae0959af9a2a0f9db2a8c63180b58e0e7

General

Target

de759dc4b43492c8cc3c04865e04f48ae0959af9a2a0f9db2a8c63180b58e0e7
Size

166KB
MD5

3a739b631c3df5bc193e273de1eef2d0
SHA1

30cef425b1cb3bdf754acbee822a7cd95bd6086a
SHA256

de759dc4b43492c8cc3c04865e04f48ae0959af9a2a0f9db2a8c63180b58e0e7
SHA512

e17ff63aacfb40446abdaf4d2bb51a0e71a4b18393419932544a0d894e1140189c1fca0aacd8c744294f927967918db700a22648f912d34decacffbfbd9a2ac3
SSDEEP

3072:6O2VYfmU09txU0pDKtrOLr7/l1ce7xPmNZmr/5QBAuK:6O2VYIxFDKoX7HzxPgZC7

Score

N/A

Malware Config

Signatures

Files

de759dc4b43492c8cc3c04865e04f48ae0959af9a2a0f9db2a8c63180b58e0e7
.exe windows x86

a47a7e7178e102cee37c3914a6705e23

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntshrui

DllCanUnloadNow
IsPathSharedA
GetLocalPathFromNetResourceW
GetNetResourceFromLocalPath
IsPathShared

scarddlg

SCardUIDlgSelectCardA
SCardDlgExtendedError
SCardUIDlgSelectCardW
GetOpenCardNameW
GetOpenCardNameA

sqlwoa

_GetProp@8
_CharUpper@4
_GetFileTitle@12
_SendDlgItemMessage@20
_CreateWindowEx@48

inseng

GetICifRWFileFromFile
CheckForVersionConflict
GetICifFileFromFile
DllGetClassObject
PurgeDownloadDirectory

unimdmat

UmWaveAction
UmDialModem
UmAbortCurrentModemCommand
UmIssueCommand
UmDuplicateDeviceHandle

softpub

SoftpubFreeDefUsageCallData
SoftpubLoadDefUsageCallData
SoftpubLoadSignature
SoftpubLoadMessage
SoftpubCleanup

mtxlegih

TryLegInterfaceFirst

dhcpcsvc

DhcpReleaseIpAddressLeaseEx
DhcpPersistentRequestParams
DhcpAcquireParameters
McastReleaseAddress
DhcpCApiCleanup

user32

GetWindowTextW
GetClientRect
FindWindowW
FindWindowA
GetWindowRect
GetWindowTextA

kernel32

SetConsoleCursorPosition
GetConsoleMode
GetThreadPriority
VirtualAlloc
ExitProcess

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a47a7e7178e102cee37c3914a6705e23

Headers

DLL Characteristics

File Characteristics

Imports

ntshrui

scarddlg

sqlwoa

inseng

unimdmat

softpub

mtxlegih

dhcpcsvc

user32

kernel32

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 151KB - Virtual size: 151KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 151KB - Virtual size: 151KB

.reloc
Size: 1KB - Virtual size: 1KB