dec2c9fbaf39e0fc5f1f135b984e152d2a2bdacc772ab0c1bee4525ece777d7c

Sharing

Copy URL Twitter E-mail

General

Target

dec2c9fbaf39e0fc5f1f135b984e152d2a2bdacc772ab0c1bee4525ece777d7c
Size

82KB
MD5

0cb521d4a37d41a9cb5896f00410f3e0
SHA1

dee4ee66039445bd426ed82c2b690ababe620db6
SHA256

dec2c9fbaf39e0fc5f1f135b984e152d2a2bdacc772ab0c1bee4525ece777d7c
SHA512

1820d4e2bf4081e90a8df966dc7790a47f903566abb25e0ef67698ab8d612300528bd5f8178c3047418daed62a226bbf52e6dcdf8c4373feb0f7206f81e9675b
SSDEEP

1536:LOEltxkT2kq2bcNJEr6GIR4XdBGaJql/sof4f1FxSvm3KIZ+ZCn:LOEltxc2kq2b6uk4Xdpql/sof8CvI+Q

Score

N/A

Malware Config

Signatures

Files

dec2c9fbaf39e0fc5f1f135b984e152d2a2bdacc772ab0c1bee4525ece777d7c
.exe windows x86

8a256b5f3d5fe39a9139cfb2fc0f265d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advpack

RegInstall

ntdll

NtAddAtom

gdi32

DeleteDC
SetViewportOrgEx
BitBlt
GetTextMetricsA
DeleteObject
CreateFontIndirectA
CreateCompatibleDC
SetWindowOrgEx
RestoreDC
GetDeviceCaps
GetObjectA
SetBkColor
CreateSolidBrush
SaveDC
SetTextColor
ModifyWorldTransform
ExtTextOutA
SelectObject
SetGraphicsMode
DPtoLP

advapi32

RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegEnumValueA

kernel32

SetEvent
LoadLibraryA
LocalAlloc
DisableThreadLibraryCalls
LocalFree
GetProcAddress
GetDiskFreeSpaceA
GetModuleFileNameA
lstrcpyA
lstrcpynA
CreateFileA
HeapReAlloc
DeleteCriticalSection
VirtualAlloc
InterlockedDecrement
GetProcessHeap
GetModuleHandleA
lstrcmpiA
lstrlenA
FreeLibrary
HeapFree
CreateEventA
lstrcatA
lstrcmpA
GetTickCount
InitializeCriticalSection
HeapAlloc
GetSystemDirectoryA
GetWindowsDirectoryA
InterlockedIncrement
CreateThread
CloseHandle

atl

AtlMarshalPtrInProc

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

user32

CreateDialogParamA
SetWindowPos
SendMessageA
DestroyWindow
SetWindowLongA
CharUpperA
TranslateMessage
MessageBoxA
IsWindow
ShowWindow
LoadImageA
CheckDlgButton
DestroyIcon
SendDlgItemMessageA
EndDialog
IsDlgButtonChecked
GetDlgItem
GetClientRect
GetWindowLongA
DispatchMessageA
DialogBoxParamA
SetWindowTextA
GetWindowTextA
GetSysColor
LoadBitmapA
ReleaseDC
CharPrevA
SetDlgItemTextA
GetWindowRect
MsgWaitForMultipleObjects
IsDialogMessageA
LoadStringA
wsprintfA
InvalidateRect
EnableWindow
DrawTextA
PeekMessageA
GetDC

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.textbss
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a256b5f3d5fe39a9139cfb2fc0f265d

Headers

DLL Characteristics

File Characteristics

Imports

advpack

ntdll

gdi32

advapi32

kernel32

atl

ole32

user32

version

Sections

.textbss Size: - Virtual size: 1.2MB

.text Size: 512B - Virtual size: 428B

.idata Size: 79KB - Virtual size: 79KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 1024B - Virtual size: 816B

.textbss
Size: - Virtual size: 1.2MB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 79KB - Virtual size: 79KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 816B