49e27d7f0045727666c4359b21763c116803539ab69d37c3932fa137aa7715a7

General

Target

49e27d7f0045727666c4359b21763c116803539ab69d37c3932fa137aa7715a7
Size

28KB
MD5

82130e3e4bd73a784c7b3a52592cc919
SHA1

fc1c87ca8b813f9bfd1c4e3082f3029451656280
SHA256

49e27d7f0045727666c4359b21763c116803539ab69d37c3932fa137aa7715a7
SHA512

bb766ca92c553ef8c8b04340f4e02762728ed521abfe73cf97870f3b74184d71d65d0425ab25035bee275d258f64be6e97f416cb5e900c00e595371276447d05
SSDEEP

384:q71MH+xNblIsO+JPaAs9j7eM+L9fvJn+GfA10tibTaUS/CrioA3Kr4KlTtZ:qe+flBJPaJDKVfA19/JSCri93Kr4apZ

Score

N/A

Malware Config

Signatures

Files

49e27d7f0045727666c4359b21763c116803539ab69d37c3932fa137aa7715a7
.exe windows x86

daf737adc4eb56308fd7e1528095f719

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

dsprop

ReportError
ErrMsg
MsgBox
CheckADsError
FindSheet

uxtheme

DrawThemeEdge
SetWindowTheme
CloseThemeData
GetThemeTextExtent
DrawThemeBackground
GetThemeInt
GetWindowTheme
GetThemeTextMetrics
GetThemeBool

wtsapi32

WTSLogoffSession
WTSQueryUserConfigA
WTSEnumerateSessionsA
WTSVirtualChannelClose
WTSRegisterSessionNotification
WTSQueryUserToken
WTSSetSessionInformationA
WTSVirtualChannelRead

shell32

DllUnregisterServer
SHGetMalloc
DragFinish
SHFileOperationA
ExtractIconA
SHGetDataFromIDListA
SHGetDesktopFolder
DragQueryPoint

kernel32

VirtualProtectEx
lstrcmpA
GetModuleFileNameA
FileTimeToLocalFileTime
IsBadStringPtrA
OpenMutexA
SetCurrentDirectoryA
EncodePointer
GetProcAddress
LoadLibraryA
InterlockedExchange
DecodeSystemPointer
CreateMutexA

ntshrui

IsPathSharedA
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA

crypt32

CertCloseStore
CertDuplicateCRLContext
CertDuplicateStore
CertFindChainInStore
CertCompareCertificate
CertCreateCRLContext
CertNameToStrA

clbcatq

ComPlusMigrate
SetupOpen
CheckMemoryGates
SetSetupSave
DllGetClassObject

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

daf737adc4eb56308fd7e1528095f719

Headers

DLL Characteristics

File Characteristics

Imports

dsprop

uxtheme

wtsapi32

shell32

kernel32

ntshrui

crypt32

clbcatq

Sections

.text Size: 16KB - Virtual size: 15KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 11KB - Virtual size: 11KB