98486aaa93c5e5d6d2cfa58fb2958292502a5e15ae4318b844b78096aebcdd4c

Sharing

Copy URL Twitter E-mail

General

Target

98486aaa93c5e5d6d2cfa58fb2958292502a5e15ae4318b844b78096aebcdd4c
Size

277KB
MD5

8e887401d3bff38bf25e80b2c7b0e5cc
SHA1

199d61f3c708c4da9052843c032ac7bcec5dae39
SHA256

98486aaa93c5e5d6d2cfa58fb2958292502a5e15ae4318b844b78096aebcdd4c
SHA512

8256bb816849d37ad6e55ff3b96bc8b3a1e5dff63c9fe1a712553bdea0afdede87c656d7a53d56f84bc895dd659930a31ed3890770114d86b77e7a49709f0a5a
SSDEEP

6144:IpH/j/mRZtgoOzF6UUx283ffURfi0eQZllJYc+3HC3ggv/l3yB7:IpHb/m/tgdzF6xM8335fW4kg607

Score

N/A

Malware Config

Signatures

Files

98486aaa93c5e5d6d2cfa58fb2958292502a5e15ae4318b844b78096aebcdd4c
.exe windows x86

4781ca346f6a8d38a4e30097de6b7462

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Draw
CreatePropertySheetPageW
ImageList_Destroy
DestroyPropertySheetPage
InitCommonControls
CreateStatusWindowA
ImageList_ReplaceIcon
CreatePropertySheetPageA
InitCommonControlsEx
PropertySheetA
ImageList_AddMasked
ImageList_Create

comdlg32

GetOpenFileNameW
GetFileTitleA
CommDlgExtendedError
ChooseFontW
GetOpenFileNameA
ChooseFontA
GetSaveFileNameA
GetFileTitleW
GetSaveFileNameW

msvcrt

__p__fmode
_local_unwind2
_wtoi
tolower
_chsize
exit
_itoa
_wmakepath
fflush
wcsncpy
_wtol
abort
__getmainargs
srand
_vsnwprintf
wcscmp
_fsopen
_filelength
_wsplitpath
memmove
fread
_memicmp
printf
isspace
_fileno
strncat
isxdigit
wcstok
_wgetenv

gdi32

GetDeviceCaps
SetPixel
GetEnhMetaFileBits
OffsetViewportOrgEx
GdiFlush
CreatePalette
IntersectClipRect
GetCharWidthA
SetViewportOrgEx
SetICMMode
GetPixel
GetDIBColorTable
PatBlt
SetMapMode
Pie
ColorMatchToTarget
StretchBlt
SetDIBits
SetTextColor
ExtTextOutA
CreateRectRgn
OffsetRgn
GetSystemPaletteEntries
CreateRoundRectRgn
CreatePen
SetBkColor
SetViewportExtEx
LPtoDP

kernel32

VirtualFree
SetStdHandle
lstrcpyW
GetCurrentProcessId
GetCurrentThreadId
InterlockedIncrement
LoadResource
IsValidCodePage
GetStartupInfoW
WideCharToMultiByte
SizeofResource
GetLastError
SetEnvironmentVariableA
GetCommandLineW
GetACP
WriteFile
HeapDestroy
ResetEvent
LoadLibraryA
SetCurrentDirectoryA
ProcessIdToSessionId
GetModuleHandleW
VirtualAlloc
ExitThread
GetTimeFormatA
ExitProcess
GetStringTypeW
EnumSystemLocalesA
InitializeCriticalSection
WaitForSingleObject
lstrcpynW
CopyFileW
SetErrorMode

ntdll

RtlConvertSidToUnicodeString
RtlCopyUnicodeString
_wcsnicmp
RtlIntegerToUnicodeString
NtQuerySystemTime
RtlDosPathNameToNtPathName_U
RtlLengthRequiredSid
RtlUnicodeToOemN
RtlFreeHeap
RtlSubAuthorityCountSid
RtlEqualUnicodeString
RtlGetNtProductType
NtQueryVirtualMemory
NtWaitForSingleObject
NtQueryValueKey
RtlImageNtHeader
NtOpenKey
RtlAllocateHeap
NtQueryInformationToken
RtlUnicodeStringToAnsiString
RtlCompareUnicodeString
RtlInitializeSid
_stricmp
_wcsicmp
RtlMultiByteToUnicodeN
NtQueryInformationProcess
RtlCreateAcl
NtSetInformationThread
NtFsControlFile

shlwapi

PathFindExtensionA
StrCpyW
SHGetValueW
StrChrIW
StrToIntW
SHDeleteValueW
StrStrW
StrCpyNW
StrCmpIW
PathFindExtensionW
StrCmpNW
PathIsRelativeW
PathRemoveExtensionW
PathGetDriveNumberW
PathRemoveBlanksW
StrCmpNIA
PathFileExistsW
PathRemoveFileSpecA
PathRemoveFileSpecW
PathAppendA

version

GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeA

user32

LoadBitmapA
GetWindowLongA
SetWindowLongW
MessageBoxA
DispatchMessageA
CharUpperW
DestroyIcon
ExitWindowsEx
SetDlgItemTextW
IsDlgButtonChecked
FindWindowA

advapi32

OpenServiceA
FreeSid
RegQueryValueW
GetTokenInformation
ChangeServiceConfigA
RegCreateKeyExW
AllocateAndInitializeSid
ChangeServiceConfig2A
RegDeleteValueA
RegDeleteKeyW
RegQueryInfoKeyW
InitializeSecurityDescriptor
RegDeleteValueW
GetSecurityDescriptorControl
CloseServiceHandle

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 89KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4781ca346f6a8d38a4e30097de6b7462

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

comdlg32

msvcrt

gdi32

kernel32

ntdll

shlwapi

version

user32

advapi32

Sections

.text Size: 26KB - Virtual size: 25KB

.data Size: 12KB - Virtual size: 12KB

.rdata Size: 147KB - Virtual size: 238KB

.bss Size: 89KB - Virtual size: 180KB

.reloc Size: 1024B - Virtual size: 968B

.text
Size: 26KB - Virtual size: 25KB

.data
Size: 12KB - Virtual size: 12KB

.rdata
Size: 147KB - Virtual size: 238KB

.bss
Size: 89KB - Virtual size: 180KB

.reloc
Size: 1024B - Virtual size: 968B