c20d3255027d9cd10c09e83fe36f5846f302713e8d24d454941d9bf9cdd99760

Sharing

Copy URL Twitter E-mail

General

Target

c20d3255027d9cd10c09e83fe36f5846f302713e8d24d454941d9bf9cdd99760
Size

26KB
MD5

88d045ca6db64d7f1763655f7d030458
SHA1

d0551a8688889a02876b7943ab157d9857635bf9
SHA256

c20d3255027d9cd10c09e83fe36f5846f302713e8d24d454941d9bf9cdd99760
SHA512

4b76651c04ab4a0df96771ebb6843f4a275b74f8bb6cb28a1b170315463f5f5436e3a9a169ed1f769fbd835dfc1eefa3e0a24e1a542d18f34386ec5f2e495033
SSDEEP

768:hT4I/uZe0l337+pr031hNdsbgmO4EJDq:hT4m0DNKI

Score

N/A

Malware Config

Signatures

Files

c20d3255027d9cd10c09e83fe36f5846f302713e8d24d454941d9bf9cdd99760
.exe windows x86

c72b653ec61817e2853acc900e17a0e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

DceErrorInqTextW
NdrClientInitialize
NDRCContextBinding
NdrByteCountPointerUnmarshall
NdrAllocate
NdrConformantStructBufferSize
NdrAsyncServerCall
CreateStubFromTypeInfo
NdrAsyncClientCall
NdrByteCountPointerBufferSize
MesDecodeIncrementalHandleCreate
MesHandleFree
NdrByteCountPointerFree
DllRegisterServer
MesBufferHandleReset
NDRCContextMarshall
NDRSContextMarshallEx
NDRSContextMarshall
DllGetClassObject
MesInqProcEncodingId
MesEncodeFixedBufferHandleCreate
CStdStubBuffer_CountRefs
NDRcopy

kernel32

EnterCriticalSection
MapViewOfFile
InitializeCriticalSection
PeekConsoleInputW
FindFirstChangeNotificationA
TerminateProcess
WriteFile
ReadConsoleInputW
GetLargestConsoleWindowSize
SetConsoleWindowInfo
GetTickCount
FlushConsoleInputBuffer
SetConsoleTitleA
SearchPathA
GetFileSize
SetConsoleTextAttribute
SystemTimeToFileTime
ReadConsoleA
GetLastError
MoveFileA
CreateDirectoryA
VirtualAlloc
GetConsoleCursorInfo
WriteConsoleOutputW
GetShortPathNameA
GetFileTime
CreateFileA
GetEnvironmentVariableA
LocalFileTimeToFileTime
SetConsoleMode
ReadConsoleOutputW
IsBadReadPtr
SetConsoleScreenBufferSize
WaitForMultipleObjects
SetConsoleCursorInfo
GetConsoleMode
CreateFileMappingA
FindClose
FindFirstFileA
ReleaseMutex
SetConsoleCursorPosition
IsBadWritePtr
FileTimeToLocalFileTime
GetFileInformationByHandle
ReadConsoleOutputA
GetVolumeInformationA
QueryDosDeviceA
GetConsoleOutputCP
ReadConsoleW
SetCurrentDirectoryA
RaiseException
FormatMessageA
CreateProcessA
GetCurrentDirectoryA
GetVersionExA
DeleteCriticalSection
GetDiskFreeSpaceA
FreeConsole
SetConsoleActiveScreenBuffer
GetSystemTime
PeekConsoleInputA
CreateFileW
SetEnvironmentVariableA
GetCompressedFileSizeA
SetStdHandle
GetModuleHandleA
DefineDosDeviceA
LoadLibraryA
BackupWrite
RemoveDirectoryA
FindCloseChangeNotification
GetFileAttributesA
GlobalMemoryStatus
SetConsoleOutputCP
CompareStringA
FileTimeToDosDateTime
SetConsoleCP
GetNumberFormatA
GetModuleFileNameA
SetConsoleCtrlHandler
InterlockedDecrement
CreateMutexA
ExpandEnvironmentStringsA
CopyFileA
GetFileType
GetSystemTimeAsFileTime
ReadConsoleInputA
SetLastError
SetEndOfFile
AllocConsole
GetCurrentProcessId
WriteConsoleInputW
GetStdHandle
IsBadCodePtr
GetCurrentThreadId
FindNextFileA
GetFullPathNameA
MoveFileExA
FlushFileBuffers
SetFileTime
SetFileApisToOEM
SetFilePointer
OpenProcess
ReadFile
GetConsoleScreenBufferInfo
WaitForSingleObject
SetErrorMode
WriteConsoleOutputA
FreeLibrary
SetFileApisToANSI
GetComputerNameA
LeaveCriticalSection
DeleteFileA
LoadLibraryExA
GetConsoleCP
GetLogicalDrives
InterlockedIncrement
GetLocaleInfoA

gdi32

SelectClipRgn
GetDeviceCaps
SelectPalette
DeleteObject
CreateFontIndirectA
GetTextExtentPointA
SelectObject
CreateRectRgn
CreateDIBitmap
SaveDC
CreatePalette
DeleteDC
CreatePen
ExtTextOutA
BitBlt
RestoreDC
UnrealizeObject
GetTextMetricsA
RealizePalette
CreateCompatibleDC
SetTextColor
SetBkColor
GetSystemPaletteEntries
CreateSolidBrush
GetObjectA
GetStockObject

version

VerLanguageNameA
GetFileVersionInfoSizeW

shell32

DAD_DragMove
IsNetDrive
SHChangeNotifyDeregister
DllGetClassObject
PickIconDlg
DllInstall
PifMgr_OpenProperties
SHDefExtractIconW
RestartDialog
Shell_MergeMenus
DllCanUnloadNow
PathQualify
DAD_DragLeave
DllGetVersion
DriveType
DragFinish
Shell_GetImageLists
IsLFNDrive
DAD_DragEnterEx
DllRegisterServer
GetFileNameFromBrowse
SHCoCreateInstance
PathResolve
SHGetSetSettings
DllUnregisterServer
SHStartNetConnectionDialogW
Shell_GetCachedImageIndex
DragAcceptFiles

ole32

OleGetClipboard
CoCreateObjectInContext
CoCreateGuid
CoCreateInstanceEx
CoDisableCallCancellation
CoCancelCall
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserUnmarshal
CoCreateInstance
OleSetClipboard
CoAllowSetForegroundWindow
OleInitialize
CLSIDFromOle1Class
CoCopyProxy
CLSIDFromProgID
CLIPFORMAT_UserFree
CLIPFORMAT_UserSize
CoCreateFreeThreadedMarshaler
CoBuildVersion
CLSIDFromProgIDEx

user32

ShowWindow
EndDialog
ReleaseDC
GetSystemMetrics
GetWindowRect
LoadStringW
EnableWindow
GetClientRect
GetDlgItem
MessageBoxA
GetDC
TranslateMessage

ws2_32

WSACleanup
send
accept
WSAStartup
WSAGetLastError
socket
connect

crypt32

CertAddEncodedCTLToStore

oleacc

AccessibleObjectFromPoint
GetRoleTextW
GetOleaccVersionInfo
DllGetClassObject
CreateStdAccessibleProxyW
LIBID_Accessibility
DllCanUnloadNow
WindowFromAccessibleObject
IID_IAccessible
ObjectFromLresult
LresultFromObject
GetStateTextA
GetStateTextW
AccessibleChildren
CreateStdAccessibleObject
CreateStdAccessibleProxyA
GetRoleTextA
IID_IAccessibleHandler
AccessibleObjectFromEvent
AccessibleObjectFromWindow
DllUnregisterServer

olecli32

OleLoadFromStream
OleCreateLinkFromClip
OleQueryLinkFromClip
OleCopyFromLink
OleDelete
OleQueryType
OleSetHostNames
OleSetTargetDevice
OleClone
OleCopyToClipboard
OleSetBounds
OleEqual
OleSaveToStream
OleCreateFromClip
OleQueryCreateFromClip

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c72b653ec61817e2853acc900e17a0e2

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

kernel32

gdi32

version

shell32

ole32

user32

ws2_32

crypt32

oleacc

olecli32

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 40KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 40KB

.rsrc
Size: 10KB - Virtual size: 9KB