a47ac0ab43554cd16196866b19a83ae1a8857130467e787f7e4391fb87559dc4

Sharing

Copy URL Twitter E-mail

General

Target

a47ac0ab43554cd16196866b19a83ae1a8857130467e787f7e4391fb87559dc4
Size

24KB
MD5

60b8c6a33ae123e798acba5b24de89b7
SHA1

577212cfc17c8caa82265bbfb40422d2ce3e7eee
SHA256

a47ac0ab43554cd16196866b19a83ae1a8857130467e787f7e4391fb87559dc4
SHA512

a687ebf452a34f9d1b4cf6ef678493ea8b3e03677b8665317f5ffb547f67adfc9eae92538a08bc8e766174469fc19192f1308f26d3fc615704377c578822defa
SSDEEP

384:yE32vY3ML0YzhB32vix3C+tTdjbb/Mg0OeU:yc2w4zhp2C3CKdjb5B

Score

N/A

Malware Config

Signatures

Files

a47ac0ab43554cd16196866b19a83ae1a8857130467e787f7e4391fb87559dc4
.exe windows x86

7c985529f412b82ce71571dd8c438ad0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

EnableWindow
ClientToScreen
CreateWindowExA
GetSystemMetrics
GetAsyncKeyState
ShowWindow
DefWindowProcA
UnhookWindowsHookEx
DispatchMessageA
GetWindowThreadProcessId
PostQuitMessage
CallNextHookEx
IsIconic
GetMessageA
TranslateMessage
MapDialogRect
InvalidateRgn
GetSysColor
GetDesktopWindow
SetWindowPos
InflateRect
SendMessageA
DestroyWindow
SetTimer
BringWindowToTop
LockSetForegroundWindow
SetCursor
GetSubMenu
GetActiveWindow
UpdateWindow
RegisterClassExA
GetDC
CreateIconIndirect
GetMenuItemID
GetFocus
DrawFocusRect
GetMenuItemCount
GetClientRect
CopyRect
GetKeyState
ScreenToClient
DestroyIcon
KillTimer
IsWindowVisible
GetCursorPos
GetWindowRect

comctl32

ImageList_AddMasked
InitCommonControlsEx
ImageList_GetIcon
ImageList_ReplaceIcon
DestroyPropertySheetPage

gdi32

Polygon
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
Rectangle
BitBlt
DeleteObject
CreateBitmap

netapi32

NetServerEnum
NetApiBufferSize

msvcrt

fclose
isalpha
wcslen
wcscmp
_exit
wcsrchr
_mbslen
wcschr
realloc
_wcsdup
_CxxThrowException
_ftol
clearerr
_cexit
_c_exit
ftell
_getpid
__dllonexit
_tzset
_purecall
free
__p__commode
localtime
mktime
_open_osfhandle
fwrite
__set_app_type
_except_handler3
_wcslwr
fseek
_errno
time
_wcsicmp
_controlfp
_fdopen
calloc
wcsncat
wcsncmp
__p__fmode
fflush
_wcmdln
_wtoi
__wgetmainargs
__CxxFrameHandler
_filelength

kernel32

BackupRead
GetVersion
EnterCriticalSection
GetSystemTime
SetLastError
OpenMutexA
LocalFree
GetTapeStatus
GetCurrentProcess
LockResource
LockFile
HeapCreate
GetProcessHeap
CreateMutexA
TerminateProcess
GetModuleHandleA
GetProcessHeaps
GetTapePosition
TerminateThread
ReleaseMutex
ExitThread
LocalFileTimeToFileTime
SetTapePosition
SetTapeParameters
HeapFree
SetEndOfFile
LeaveCriticalSection
GetCurrentThreadId
FreeLibrary
ReadFile
GetUserDefaultLCID
GetLastError
CloseHandle
InitializeCriticalSection
VirtualAlloc
FileTimeToLocalFileTime
SystemTimeToFileTime
SetFileTime
WriteFile
GetTimeZoneInformation
FileTimeToSystemTime
LoadResource
QueryPerformanceCounter

ntdll

wcscspn
iswctype
isdigit
_aulldvrm

advapi32

SetSecurityDescriptorDacl
DeleteAce
AllocateAndInitializeSid
InitializeAcl
InitializeSecurityDescriptor
OpenThreadToken
FreeSid
ReadEncryptedFileRaw
ControlService
CloseServiceHandle
CheckTokenMembership
RegOpenKeyExA
GetSecurityDescriptorDacl
AdjustTokenPrivileges
CloseEncryptedFileRaw
OpenProcessToken
RegQueryValueExA
QueryServiceStatus

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc

ole32

StringFromGUID2
CoCreateGuid
CLSIDFromString
CoUninitialize
CoTaskMemFree
CoInitializeEx
CoCreateInstance

syssetup

AsrRestorePlugPlayRegistryData
AsrFreeContext

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1010B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c985529f412b82ce71571dd8c438ad0

Headers

DLL Characteristics

File Characteristics

Imports

user32

comctl32

gdi32

netapi32

msvcrt

kernel32

ntdll

advapi32

shell32

ole32

syssetup

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 1024B - Virtual size: 1010B

.rsrc Size: 5KB - Virtual size: 20KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 1010B

.rsrc
Size: 5KB - Virtual size: 20KB