dd4b45c1b0ee3f206d51af2126c969898d4de0e1b26c48fe806f029fb240222c

General

Target

dd4b45c1b0ee3f206d51af2126c969898d4de0e1b26c48fe806f029fb240222c
Size

271KB
MD5

bc4ff72f3d2b0b4e32f5e8bb6edd7d48
SHA1

3ce85a9c9b54f457453c5c6941ffb119ee32a27b
SHA256

dd4b45c1b0ee3f206d51af2126c969898d4de0e1b26c48fe806f029fb240222c
SHA512

9af3c6cee8d69b4e086246c6718e6d4168623aca57110b40ea4bc5406ecbe0a05289ed4d8010b9652ee067ed557dde4e3ff23452a7a32125c2571da06fe9bad2
SSDEEP

6144:6l9V4vSvJKYM6qCs91Se9LiCOb9Id1Sn:6loaRKYZqwIERp

Score

N/A

Malware Config

Signatures

Files

dd4b45c1b0ee3f206d51af2126c969898d4de0e1b26c48fe806f029fb240222c
.exe windows x86

470d10733e430545b8d86df594e21544

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlGetPartW
PathCombineW
UrlCanonicalizeW
UrlApplySchemeW
UrlCombineW
PathAppendW

wtsapi32

WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSFreeMemory
WTSEnumerateSessionsW
WTSRegisterSessionNotification

kernel32

SystemTimeToFileTime
HeapFree
GetCurrentProcess
LoadLibraryW
CreateFileW
GetStdHandle
GetModuleHandleA
GetACP
GetEnvironmentVariableA
HeapAlloc
GetStartupInfoA
GetThreadLocale
GetSystemTime
lstrlenA
UnhandledExceptionFilter
GetCurrentThreadId
InterlockedExchange
InterlockedCompareExchange
HeapSize
EnumResourceTypesW
RaiseException
LoadLibraryExW
CreateProcessA
HeapDestroy
GetTickCount
MultiByteToWideChar
lstrlenW
LocalAlloc
WideCharToMultiByte
IsDebuggerPresent
HeapFree
SetUnhandledExceptionFilter
ResetWriteWatch
GetLocaleInfoA
CloseHandle
WriteFile
Sleep
GetProcessHeap
HeapReAlloc
GetCurrentProcessId
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
lstrcpynW

msimg32

TransparentBlt

oleacc

LresultFromObject
AccessibleObjectFromEvent

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

470d10733e430545b8d86df594e21544

Headers

File Characteristics

Imports

shlwapi

wtsapi32

kernel32

msimg32

oleacc

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 2KB - Virtual size: 141KB

.data Size: 166KB - Virtual size: 166KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 2KB - Virtual size: 141KB

.data
Size: 166KB - Virtual size: 166KB

.rsrc
Size: 512B - Virtual size: 4KB