953769598cb0d41d7529173cdeecebc429c32af3fb06ad9c4998ad815396daaf

Sharing

Copy URL Twitter E-mail

General

Target

953769598cb0d41d7529173cdeecebc429c32af3fb06ad9c4998ad815396daaf
Size

515KB
MD5

2999cca911669ca0fe833afffe4ee014
SHA1

85fd6344f02a1978f50fcad4ad85cb818823fc31
SHA256

953769598cb0d41d7529173cdeecebc429c32af3fb06ad9c4998ad815396daaf
SHA512

ce3444c2edffcdc67740031c9ca903fe66aa12e4de90b1848b7457a167b5a571cfccd5fc9b2a935b6c4cb7afe24ddedccb2e815ecd905035b80a31fab90e2b56
SSDEEP

12288:X4sMD4Nc80Bbqiw/6YavYkz7xb1SSlzBjCJ9oWm0FS:IZ8c80BO/FkvvdCoWpS

Score

N/A

Malware Config

Signatures

Files

953769598cb0d41d7529173cdeecebc429c32af3fb06ad9c4998ad815396daaf
.exe windows x86

20704b905e86ee0c8bff15ff5dd33663

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msctf

TF_CreateThreadMgr
TF_InitSystem
TF_GetInputScope
TF_UninitSystem
TF_CreateLangBarMgr

clbcatq

CheckMemoryGates
ComPlusMigrate
SetupOpen
SetSetupSave
DllGetClassObject

uxtheme

IsThemeActive
GetThemeEnumValue
GetThemeTextExtent
GetWindowTheme
GetThemeColor
OpenThemeData
SetWindowTheme

ntshrui

IsPathSharedA
IsPathSharedW
GetNetResourceFromLocalPathA
IsFolderPrivateForUser
GetLocalPathFromNetResourceA

shell32

SHGetDataFromIDListA
ShellMessageBoxA
ShellAboutA
DllUnregisterServer
SHFree
SHCreateShellItem
SHGetFileInfoA
ExtractIconA
SHGetMalloc

kernel32

GetEnvironmentVariableA
GetModuleFileNameA
IsBadWritePtr
VirtualProtectEx
CreateMailslotA
QueryDosDeviceA
CreateNamedPipeA
GetPrivateProfileSectionA
GetModuleHandleA
VirtualQueryEx
GetMailslotInfo
SetFileAttributesA
DecodeSystemPointer
FileTimeToLocalFileTime
SetCurrentDirectoryA
FindResourceA
IsBadCodePtr
IsBadStringPtrA
lstrcmpA
InterlockedDecrement
GetLogicalDrives
OpenMutexA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 962B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 500KB - Virtual size: 784KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

20704b905e86ee0c8bff15ff5dd33663

Headers

File Characteristics

Imports

msctf

clbcatq

uxtheme

ntshrui

shell32

kernel32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 962B

.rsrc Size: 500KB - Virtual size: 784KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 962B

.rsrc
Size: 500KB - Virtual size: 784KB

.reloc
Size: 1KB - Virtual size: 1KB