d83f82892cf3b86052dec2e104ba2cc042023e83350fef0a0e61d42c320ab183

Sharing

Copy URL

Twitter E-mail

General

Target

d83f82892cf3b86052dec2e104ba2cc042023e83350fef0a0e61d42c320ab183
Size

741KB
MD5

0972491ac0b2149b331d6ee009fc94d0
SHA1

6257c281e29d216fb5d04418bf2ed2ad3e217642
SHA256

d83f82892cf3b86052dec2e104ba2cc042023e83350fef0a0e61d42c320ab183
SHA512

3086f7b259b3fae4c40252e8fc1ee49b3267286d34c77da4b8e77b57f4534b56d89aae3ccdb431090892de5afc11659f6d7d86adbd0866add4f2aaf6744e52e6
SSDEEP

12288:eCTWvq5Jph/sPbUQ1NDpNYSgYGlxJSsPdY:eCTWv2VebUCNVySg5lxJSoa

Score

N/A

Malware Config

Signatures

Files

d83f82892cf3b86052dec2e104ba2cc042023e83350fef0a0e61d42c320ab183
.exe windows x86

792f0bdafbf513255cebce5996d68e70

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
InterlockedIncrement
IsDBCSLeadByte
lstrcpyA
CompareStringA
DebugBreak
OutputDebugStringA
SetLastError
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LocalFree
FormatMessageA
lstrcmpA
WritePrivateProfileStringA
GetACP
GetPrivateProfileStringA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDriveStringsA
GlobalMemoryStatus
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
CompareStringW
WideCharToMultiByte
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
FreeResource
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetCPInfo
HeapSize
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
HeapReAlloc
CreateThread
ExitThread
GetStartupInfoA
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualProtect
RtlUnwind
IsDebuggerPresent
GetTickCount
MultiByteToWideChar
GetCurrentThreadId
DeleteFileA
lstrcmpiA
GetSystemDirectoryA
lstrcatA
lstrlenA
DeviceIoControl
FindResourceA
LoadResource
SizeofResource
LCMapStringW
WriteFile
RaiseException
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
CloseHandle
GetThreadLocale
GetStringTypeExA
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
LoadLibraryA
FreeLibrary
GetProcAddress
GetLastError
DeleteCriticalSection
InitializeCriticalSection
Sleep
WaitForSingleObject
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter

user32

SetWindowLongA
ShowWindow
ExitWindowsEx
UnregisterClassA
wsprintfW
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
DefWindowProcA
CharNextA
SetRectEmpty
DestroyCursor
DestroyWindow
GetWindowLongA
wsprintfA
wvsprintfA
GetActiveWindow
EnableWindow
SetWindowTextW
PostQuitMessage
LoadStringA
IsDialogMessageA
GetDlgItem
SetDlgItemTextA
GetDesktopWindow
GetSysColorBrush
LoadCursorA
GetForegroundWindow
MessageBoxA
DialogBoxParamA
CreateDialogParamA
GetClassNameA
CreateCursor
EndDialog
GetSystemMetrics
LoadImageA
GetWindow
GetWindowRect
SystemParametersInfoA
MapWindowPoints
GetDlgItemTextA
GetSysColor
GetFocus
OffsetRect
GetCapture
ReleaseCapture
ReleaseDC
GetDC
EndPaint
BeginPaint
GetCursorPos
SetCursor
DrawFocusRect
FillRect
DrawTextA
PtInRect
CallWindowProcA
SetWindowPos
IsWindow
GetDlgCtrlID
GetParent
SetFocus
SetCapture
IsWindowEnabled
InvalidateRect
UpdateWindow
ScreenToClient
GetClientRect
SendMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
CreateWindowExA

gdi32

CreatePen
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
CreateFontIndirectA
DeleteDC
SetTextColor
SetBkMode
SelectObject
GetObjectA
DeleteObject
Polygon

advapi32

AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegFlushKey
RegCloseKey
LookupPrivilegeValueA

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarI4FromStr
VarR8FromStr
VarDecFromStr
VarDecCmp
VarUI4FromStr
VarDateFromStr

shlwapi

SHDeleteKeyA
PathFileExistsA

comctl32

_TrackMouseEvent
InitCommonControlsEx

skinh

SkinH_Attach
SkinH_Attach_Ex

ntdll

_chkstk
_CIpow
_aullshr
_allshl
memcpy
ZwQueryVolumeInformationFile
_alldiv
_splitpath
toupper
floor
memmove
memset
_allmul

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 510KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

792f0bdafbf513255cebce5996d68e70

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

skinh

ntdll

Sections

.text Size: 187KB - Virtual size: 186KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 510KB - Virtual size: 509KB

.text
Size: 187KB - Virtual size: 186KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 510KB - Virtual size: 509KB