93b4b0c4093eac44814ae7e3214496d8644ffe83e5afa2c11cadc514fec8f7c4

Sharing

Copy URL Twitter E-mail

General

Target

93b4b0c4093eac44814ae7e3214496d8644ffe83e5afa2c11cadc514fec8f7c4
Size

296KB
MD5

4b415176cc5ad5ee0c002abcddf85c0a
SHA1

0977cafba44ef8a3288fb2b9804e3493fe8e00c6
SHA256

93b4b0c4093eac44814ae7e3214496d8644ffe83e5afa2c11cadc514fec8f7c4
SHA512

1c98713be8e92056603796f3a93925dca3d4cd4b8a5068a0b7d9c5e38ea7d156883b388059fce021e25a6db85308ac12c539f9a3b2a9eed1084c9f08fd9ae055
SSDEEP

6144:0QdwlgD2YX3xY6N6SVyT769Pwu4TYHdFYYYKROg:0EPDzX3xY6N68ZI0HdeOx

Score

N/A

Malware Config

Signatures

Files

93b4b0c4093eac44814ae7e3214496d8644ffe83e5afa2c11cadc514fec8f7c4
.exe windows x86

7acfa7b22db9d91c90f3cb8fd9460b4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
_initterm
free
memmove
_wsplitpath
_wmakepath
_adjust_fdiv
wcschr
wcsrchr
atof
_wtoi
??2@YAPAXI@Z
??3@YAXPAX@Z
wcstombs
mbstowcs
_vsnwprintf

kernel32

GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersionExW
lstrlenW
LocalFree
lstrcpynW
LocalAlloc
lstrlenA
GetPrivateProfileStringW
lstrcmpiW
FreeLibrary
GetProcAddress
LoadLibraryW
GetPrivateProfileSectionW
GlobalFree
GlobalAlloc
lstrcpyW
lstrcatW
GetWindowsDirectoryW
CompareStringW
lstrcmpW
GetLastError
OutputDebugStringW
_lclose
_lwrite
_lcreat
GetPrivateProfileIntW
UnmapViewOfFile
CloseHandle
MapViewOfFile
CreateFileMappingW
SetLastError
Sleep
FindClose
FindFirstFileW
_llseek
_lread
_lopen
SetFileAttributesW
ExpandEnvironmentStringsW
CreateProcessW
GetCurrentProcess
WaitForSingleObject
CreateEventW
DeleteFileW
GetModuleHandleW
CreateThread
CreateSemaphoreW
WriteFile
CreateFileW
GetTempFileNameW
GetCurrentDirectoryW
GetTempPathW
GetShortPathNameW
GetFullPathNameW
GetSystemDirectoryW
FindNextFileW
GetFileAttributesW
GetModuleFileNameW
SetCurrentDirectoryW
SetEvent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId

user32

SetTimer
MessageBoxW
wsprintfW
ShowWindow
LoadStringW
SetDlgItemTextW
SetWindowTextW
FindWindowW
GetParent
EndDialog
GetDlgItemTextW
DialogBoxParamW
RegisterWindowMessageA
SetWindowPos
KillTimer
PostMessageW
SendMessageW
CharNextW
CharPrevW
GetWindowTextW
GetClassNameW
EnumWindows
PeekMessageW
MsgWaitForMultipleObjects
SetForegroundWindow
SetFocus
CreateDialogParamW
IsWindow
UpdateWindow
ExitWindowsEx
DefWindowProcW
PostQuitMessage
CreateWindowExW
RegisterClassW
LoadCursorW
LoadIconW
DestroyWindow
TranslateMessage
GetMessageW
SetRect
ReleaseDC
GetDC
GetWindowRect
GetDlgItem
SetWindowLongW
GetWindowLongW
DispatchMessageW
IsWindowVisible

gdi32

GetDeviceCaps
GetStockObject

advapi32

AdjustTokenPrivileges
RegOpenKeyW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyW
LookupPrivilegeValueW
OpenProcessToken

shell32

ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

tapi32

lineTranslateAddressW
lineShutdown
lineGetTranslateCapsW
lineInitialize

oleaut32

SysFreeString
VariantInit
SysAllocString

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aaa1
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aaa2
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aaa3
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aa03
Size: 512B - Virtual size: 210B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0a0a
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0b0a
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0b0c
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0d0c
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0e0c
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0e1c
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7acfa7b22db9d91c90f3cb8fd9460b4f

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

shell32

version

tapi32

oleaut32

ole32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 968B

.aaa1 Size: 115KB - Virtual size: 115KB

.aaa2 Size: 115KB - Virtual size: 115KB

.aaa3 Size: 115KB - Virtual size: 115KB

.aa03 Size: 512B - Virtual size: 210B

.0a0a Size: 512B - Virtual size: 182B

.0b0a Size: 512B - Virtual size: 204B

.0b0c Size: 512B - Virtual size: 214B

.0d0c Size: 512B - Virtual size: 236B

.0e0c Size: 512B - Virtual size: 236B

.0e1c Size: 512B - Virtual size: 236B

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 198B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 968B

.aaa1
Size: 115KB - Virtual size: 115KB

.aaa2
Size: 115KB - Virtual size: 115KB

.aaa3
Size: 115KB - Virtual size: 115KB

.aa03
Size: 512B - Virtual size: 210B

.0a0a
Size: 512B - Virtual size: 182B

.0b0a
Size: 512B - Virtual size: 204B

.0b0c
Size: 512B - Virtual size: 214B

.0d0c
Size: 512B - Virtual size: 236B

.0e0c
Size: 512B - Virtual size: 236B

.0e1c
Size: 512B - Virtual size: 236B

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 198B