ca1ea498c0c25cc581ce48dfd33d70390d23ec9e80ed8e00d60f366c4bdeb52d

Sharing

Copy URL

Twitter E-mail

General

Target

ca1ea498c0c25cc581ce48dfd33d70390d23ec9e80ed8e00d60f366c4bdeb52d
Size

92KB
MD5

c35fbc39839cd65f7d2a8cd071cd715a
SHA1

05fca07023673920a1db675960115b7bbb4b8826
SHA256

ca1ea498c0c25cc581ce48dfd33d70390d23ec9e80ed8e00d60f366c4bdeb52d
SHA512

43b8e720738bfb9ea0146b28d1ca7e06f8e0e784f77f344e743b4bb4625c4fd491088ccf93b59b2e831bc318587cf3a2c6d23c911789cd50ddad2f0dcc0af8ce
SSDEEP

1536:gon0Vu2vuH8wvKpcRn/HW8CilafaeCPXAJnAmcBsCL:jgBMwKRPW8Ci3NwtA7BsW

Score

N/A

Malware Config

Signatures

Files

ca1ea498c0c25cc581ce48dfd33d70390d23ec9e80ed8e00d60f366c4bdeb52d
.exe windows x86

0a49d24c57776d2a7b923a70187067cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlDosPathNameToNtPathName_U
RtlFreeHeap
RtlFreeUnicodeString

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetComputerNameW
GetLastError
InitializeCriticalSection
LeaveCriticalSection
LocalAlloc
LocalFree
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

advapi32

CloseTrace
LookupAccountSidA
LookupAccountSidW
OpenTraceW
ProcessTrace
RegCloseKey
RegisterTraceGuidsW
RegOpenKeyExW
RegQueryValueExW
StartTraceW
StopTraceW
TraceEvent

user32

CallWindowProcA
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ClientToScreen
ClipCursor
CloseClipboard
CloseDesktop
CopyRect
CreateWindowExA
DefWindowProcA
DestroyWindow
EmptyClipboard
EnumDisplayDevicesA
EnumDisplaySettingsA
EqualRect
GetAsyncKeyState
GetClassInfoA
GetClientRect
GetDC
GetForegroundWindow
GetKeyState
GetLastActivePopup
GetMonitorInfoA
GetSystemMetrics
GetThreadDesktop
GetUserObjectInformationA
GetWindowLongA
GetWindowThreadProcessId
IntersectRect
IsIconic
IsRectEmpty
IsWindow
IsWindowVisible
IsZoomed
KillTimer
LoadStringA
mouse_event
OffsetRect
OpenClipboard
OpenInputDesktop
PostMessageA
RedrawWindow
RegisterClassA
ReleaseDC
ScreenToClient
SendMessageA
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetRect
SetTimer
SetWindowLongA
SetWindowPos
ShowWindow
SystemParametersInfoA
wsprintfA

comctl32

ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon

shell32

ExtractIconExW
SHBrowseForFolderW
SHChangeNotify
ShellExecuteExW
ShellExecuteW
SHGetDesktopFolder
SHGetFileInfoW
SHGetFolderPathW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHOpenFolderAndSelectItems
SHParseDisplayName

gdi32

CreateFontIndirectW
DeleteObject
GetDeviceCaps

Sections

.text
Size: 4KB - Virtual size: 796B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 482B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a49d24c57776d2a7b923a70187067cd

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

ole32

advapi32

user32

comctl32

shell32

gdi32

Sections

.text Size: 4KB - Virtual size: 796B

.rdata Size: 4KB - Virtual size: 482B

.data Size: 66KB - Virtual size: 68KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 4KB - Virtual size: 796B

.rdata
Size: 4KB - Virtual size: 482B

.data
Size: 66KB - Virtual size: 68KB

.rsrc
Size: 12KB - Virtual size: 12KB