dc1f253fc3716b95760b221e31a72d7795f040e123960f3c39f769027e164cb6

Sharing

Copy URL Twitter E-mail

General

Target

dc1f253fc3716b95760b221e31a72d7795f040e123960f3c39f769027e164cb6
Size

290KB
MD5

807f4514320ea1577d1a7d28299e35b6
SHA1

ebe9d375a3fed61372d895ea7a8cf4a9fe212dcd
SHA256

dc1f253fc3716b95760b221e31a72d7795f040e123960f3c39f769027e164cb6
SHA512

70c18e9423865af2e9198b8916170d7a5108a3ff799efd17796abf791878cea12a1c4a21157d0f11354b5ac0392efd9c34dce49df6e57a1beb5de8f350a81d01
SSDEEP

6144:NA6801eTPAncMvOnKQslRBBRCKnIZBaVDgDcTJy7f09wnWR:Nk0cT4ntKKQCj1DgoTJy7f

Score

N/A

Malware Config

Signatures

Files

dc1f253fc3716b95760b221e31a72d7795f040e123960f3c39f769027e164cb6
.exe windows x86

ea447673f9b0a360a8589277e9fd3b42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDeferWindowPos
MessageBoxExA
EnumThreadWindows
GetWindowRect
SendDlgItemMessageA
SetParent
GetDlgCtrlID
GetTopWindow
IsWindowUnicode
EndDialog
ShowWindow
GetWindowTextLengthA
SetDlgItemTextA
SetClipboardData
TranslateMessage
DispatchMessageA
LoadCursorA
CreateDialogIndirectParamA

advapi32

RegDeleteValueA
OpenBackupEventLogW
RegCreateKeyExA
AdjustTokenPrivileges
CloseEventLog
RegUnLoadKeyA
RegSetValueA
GetTokenInformation
RegEnumValueA
ClearEventLogA
NotifyChangeEventLog

kernel32

GetStartupInfoA
TlsSetValue
FreeEnvironmentStringsA
SuspendThread
OpenSemaphoreA
ResumeThread
TlsGetValue
GetCurrencyFormatA
GlobalMemoryStatus
LocalReAlloc
HeapValidate
GetACP
SetLocaleInfoA
VirtualQuery
HeapLock
GetCPInfo
GetUserDefaultLangID
OpenMutexA
GetPrivateProfileIntA
GetModuleHandleA
GetProcAddress
LocalHandle
LCMapStringA
VirtualAllocEx
OpenEventA

activeds

ord23
ord3
ord19
ord5
ord21
ord22
ord16
ord8
ord18
ord17

winscard

SCardListReadersA

wtsapi32

WTSSetUserConfigW
WTSQueryUserConfigW
WTSEnumerateServersW
WTSVirtualChannelRead
WTSDisconnectSession
WTSEnumerateSessionsA
WTSSetUserConfigA
WTSWaitSystemEvent
WTSVirtualChannelQuery
WTSEnumerateProcessesA
WTSFreeMemory
WTSVirtualChannelWrite
WTSQueryUserConfigA
WTSOpenServerA

msvcrt

_exit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea447673f9b0a360a8589277e9fd3b42

Headers

File Characteristics

Imports

user32

advapi32

kernel32

activeds

winscard

wtsapi32

msvcrt

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 267KB - Virtual size: 266KB

.data Size: 512B - Virtual size: 320KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 267KB - Virtual size: 266KB

.data
Size: 512B - Virtual size: 320KB

.rsrc
Size: 17KB - Virtual size: 16KB