96db741a886ddf2ea3a95d1f0d8b447e9d103900230d58bc1e82e898d6294e9d

Sharing

Copy URL Twitter E-mail

General

Target

96db741a886ddf2ea3a95d1f0d8b447e9d103900230d58bc1e82e898d6294e9d
Size

67KB
MD5

0b472888265fd347702b8c0e10440a50
SHA1

f75933c6f2c800732be8eb6aa2bf6d9d7c81998a
SHA256

96db741a886ddf2ea3a95d1f0d8b447e9d103900230d58bc1e82e898d6294e9d
SHA512

ba07ce6169ed700650c8fed20f98730813296136f69e77683a174d823c67658e0a6393f9fc76378dd5cc7c1c4607fe3f493addca3adfb7e1780e48d304932af7
SSDEEP

1536:WAkecUvI3/FSvc6A12oPmxGIzPrKwhZEYLbRUUPCbL7f2BXD:Xb60A12oexGIzPImPqwz

Score

N/A

Malware Config

Signatures

Files

96db741a886ddf2ea3a95d1f0d8b447e9d103900230d58bc1e82e898d6294e9d
.exe windows x86

ca16406a9d2ad9ade05fe97c1d826d33

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetErrorMode
GetPrivateProfileStringW
WriteFile
GlobalUnlock
LoadLibraryExW
GetSystemTimeAsFileTime
DeleteFileW
GetTempFileNameW
GetEnvironmentVariableW
GlobalSize
GlobalReAlloc
LoadResource
FreeLibrary
EnumResourceNamesW
GetWindowsDirectoryW
GetLastError
MoveFileW
GetDriveTypeW
MulDiv
WritePrivateProfileStringW
WinExec
ExitProcess
GetStartupInfoW
GetCommandLineW
LoadLibraryW
GetThreadLocale
FindResourceW
LockResource
FreeResource
LocalFree
CreateFileW
ReadFile
SetFilePointer
MultiByteToWideChar
ExpandEnvironmentStringsW
GetModuleHandleW
GetProcAddress
SetLastError
FindFirstFileW
FindClose
SearchPathW
Sleep
GlobalAlloc
CreateProcessW
CloseHandle
GetPrivateProfileSectionW
GlobalLock
lstrcmpW
GlobalFree
lstrcpyW
lstrcatW
lstrcmpiW
lstrcpynW
lstrlenW
lstrlenA
GetModuleFileNameW
LocalAlloc
RemoveDirectoryW
SetFileAttributesW

gdi32

GetDeviceCaps
GetTextExtentPointW
GetTextExtentExPointW

user32

DdeClientTransaction
wsprintfW
LoadStringW
GetWindow
CharNextW
SetPropW
DdeQueryNextServer
GetPropW
FindWindowW
GetClassNameW
DdeConnectList
DdeCreateStringHandleW
GetDesktopWindow
DdeFreeStringHandle
DdeUninitialize
DdeInitializeW
SetForegroundWindow
CopyRect
DdeDisconnectList
LookupIconIdFromDirectory
CreateDialogParamW
EnableMenuItem
GetSystemMenu
GetDC
DestroyWindow
GetClientRect
SendDlgItemMessageW
DispatchMessageW
SystemParametersInfoW
LoadCursorW
SetCursor
GetLastActivePopup
wvsprintfW
GetSystemMetrics
PeekMessageW
MessageBoxW
GetDlgItem
SetDlgItemTextW
ReleaseDC

advapi32

RegQueryValueW
RegEnumKeyExW
RegCloseKey
RegSetValueW
RegOpenKeyW
RegEnumValueW
RegCreateKeyW
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyExW

comctl32

ord328
ord334
ord365
ord320
ord321
ord326
ord323
ord73
ord236
ord358
ord235
ord324
ord17
ord332

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shell32

ord163
ord171
ord63
SHGetSpecialFolderLocation
ord23
ord128
ord25
ord155
ord157
SHGetPathFromIDListW
ShellExecuteExW
ord96
ord195
ord33
ord196
FindExecutableW
ord29
ord37
ord31
SHChangeNotify
ord32
ord39
ord175
ord57
ord49
ord45
ord36
ord119
ord58
ord165
ord56
ord51
ord52
ord79
ord164
SHAddToRecentDocs
ord64
ord89
ord35
ord34
ord94

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca16406a9d2ad9ade05fe97c1d826d33

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

comctl32

version

shell32

Sections

.text Size: 33KB - Virtual size: 32KB

.data Size: 512B - Virtual size: 592B

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 512B - Virtual size: 592B

.rsrc
Size: 33KB - Virtual size: 32KB