462f7c67ec4173dfada1b2b6aebb3aa55d0157d595b3c4e4de98f034fa7856f7

Sharing

Copy URL Twitter E-mail

General

Target

462f7c67ec4173dfada1b2b6aebb3aa55d0157d595b3c4e4de98f034fa7856f7
Size

811KB
MD5

f21d87e03ae321baad60d1d0974f0f4d
SHA1

3900bbd702f5ed1e7e675fc8b4736cfecb8a6882
SHA256

462f7c67ec4173dfada1b2b6aebb3aa55d0157d595b3c4e4de98f034fa7856f7
SHA512

376ec946ae9130a4b0f3856d01234845331ab84bdf84cf19385790b95ac8803c141207de2f892a7986c659b9b422ca17a00a8c9ee4a211c2b7ca977cba3422b7
SSDEEP

24576:tgKRJtLYGpDHoTgc4uZ9GxMc4O1vYoTC5juHeOhe:tgKRNpDosc4uZ9GxMc4OVYoX

Score

N/A

Malware Config

Signatures

Files

462f7c67ec4173dfada1b2b6aebb3aa55d0157d595b3c4e4de98f034fa7856f7
.exe windows x86

49e91a4ec08e4b8411c230f87d57ad79

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dsprop

FindSheet
ErrMsg

ntshrui

IsFolderPrivateForUser
IsPathSharedA
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
IsPathSharedW

msctf

TF_CreateThreadMgr
TF_CreateLangBarMgr

kernel32

FindResourceA
GetProcAddress
SetCurrentDirectoryA
GetMailslotInfo
IsBadStringPtrA
GetPrivateProfileSectionA
CreateEventA
VirtualProtectEx
DisconnectNamedPipe
OpenMutexA
IsBadWritePtr
GetEnvironmentVariableA
FileTimeToLocalFileTime
GetCurrentDirectoryA
EncodePointer
GetModuleFileNameA
QueryDosDeviceA
VirtualQueryEx
DecodeSystemPointer
LoadLibraryA
MoveFileA
SetFileAttributesA
lstrcmpA
CloseHandle

clbcatq

DllGetClassObject
CheckMemoryGates

wtsapi32

WTSOpenServerA
WTSQuerySessionInformationA
WTSRegisterSessionNotification
WTSVirtualChannelClose
WTSCloseServer
WTSSetSessionInformationA
WTSEnumerateProcessesA
WTSVirtualChannelRead
WTSEnumerateSessionsA
WTSLogoffSession
WTSQueryUserToken
WTSVirtualChannelWrite

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 795KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49e91a4ec08e4b8411c230f87d57ad79

Headers

DLL Characteristics

File Characteristics

Imports

dsprop

ntshrui

msctf

kernel32

clbcatq

wtsapi32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 4KB

.rsrc Size: 795KB - Virtual size: 2.2MB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 795KB - Virtual size: 2.2MB

.reloc
Size: 1KB - Virtual size: 4KB