a4c2fb04b889a9b05b9b1c96dcb78e0433aae67820b1800ca9d418749ba3418b

Sharing

Copy URL Twitter E-mail

General

Target

a4c2fb04b889a9b05b9b1c96dcb78e0433aae67820b1800ca9d418749ba3418b
Size

119KB
MD5

72400be77d1db652b5ac804d23a27903
SHA1

2c765cad107b5bc00399c00facd4422fb37b7474
SHA256

a4c2fb04b889a9b05b9b1c96dcb78e0433aae67820b1800ca9d418749ba3418b
SHA512

356fba2c2d6b9a6103b372a7ee34ba829a1bd5128c7f1e381f5a40a0d6dc15e511f4c509048a32460a08f16f22652e0646bcc062df6327844e9b8326a71c38f1
SSDEEP

3072:RKmRL8fckavas0KiWgtVMBx1xCdy9L1SSmuXVgetlOU6:I/ckYaxKwyTxP9LhmuG2OU

Score

N/A

Malware Config

Signatures

Files

a4c2fb04b889a9b05b9b1c96dcb78e0433aae67820b1800ca9d418749ba3418b
.exe windows x86

7b362a3e86d0ff144deb920e4ed06e57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysStringByteLen
SafeArrayGetElement
SysReAllocStringLen
VariantCopyInd
SafeArrayUnaccessData
SafeArrayPutElement
OleLoadPicture
LoadTypeLibEx
LoadTypeLib
VariantCopy
GetErrorInfo
SysFreeString
SysAllocStringByteLen
SafeArrayCreate
RegisterTypeLib
SysAllocStringLen
SafeArrayGetUBound
SysStringLen
VariantChangeType
SetErrorInfo
SafeArrayAccessData
VariantInit
SafeArrayGetLBound
GetActiveObject
CreateErrorInfo
VariantChangeTypeEx
VariantClear

user32

wsprintfA
SendMessageA
GetWindowLongW
GetWindowRect
GetDlgItem
MessageBoxW
SetWindowLongA
InvalidateRect
EndPaint
ShowWindow
GetDesktopWindow
IsWindow
GetClientRect
SetWindowLongW
DefWindowProcA
EndDialog
GetWindowLongA
GetSysColor
SetFocus
BeginPaint
CharNextA
SetCursor
SendMessageW
GetDC
GetParent
KillTimer
CreateWindowExA
ReleaseDC
LoadStringA
DispatchMessageA
PostQuitMessage
LoadStringW

kernel32

GetLastError
GetComputerNameW
WriteConsoleW
SetThreadPriority
FindNextFileA
VirtualAlloc
GetExitCodeProcess
OutputDebugStringW
RaiseException
IsValidCodePage
LoadLibraryExA
GetCurrentProcess
GetWindowsDirectoryW
GetCommandLineW
LoadResource
CloseHandle
FileTimeToLocalFileTime
CreateFileMappingA
AddAtomW
CreateMutexA
CreateFileMappingW
GetTempPathA
IsBadCodePtr
OpenProcess
GetCurrentDirectoryW
ExpandEnvironmentStringsA
CreateProcessW
DeviceIoControl
FindResourceA
GetFullPathNameW
lstrcatW
CopyFileW
ReleaseSemaphore
ExitProcess
SizeofResource
CreateMutexW
IsDBCSLeadByte
MulDiv
SetFileAttributesA
LockResource
ResumeThread

advapi32

GetTokenInformation
RegSetValueExW
AllocateAndInitializeSid
CloseServiceHandle
RegOpenKeyExA
FreeSid
RegDeleteValueA
RegDeleteValueW
RegEnumKeyExW
InitializeSecurityDescriptor
OpenProcessToken
RegEnumValueW
RegCreateKeyExW
RegCreateKeyExA
RegQueryInfoKeyW
RegSetValueExA
RegCloseKey
OpenThreadToken
RegDeleteKeyW
RegDeleteKeyA
RegOpenKeyExW
RegQueryValueExA
RegEnumKeyExA

dnsapi

DnsCopyStringEx

rpcrt4

NdrByteCountPointerBufferSize
DllRegisterServer
MesDecodeIncrementalHandleCreate
NDRCContextMarshall
NdrAsyncClientCall
MesInqProcEncodingId
NDRSContextMarshallEx
NdrAsyncServerCall
MesBufferHandleReset
DceErrorInqTextW
NdrClientInitialize
CStdStubBuffer_CountRefs
NdrByteCountPointerUnmarshall
NDRCContextBinding
NdrByteCountPointerFree
NDRSContextMarshall
DllGetClassObject
MesEncodeFixedBufferHandleCreate
CreateStubFromTypeInfo
MesHandleFree
MesIncrementalHandleReset
NdrAllocate
NdrConformantStructBufferSize
NDRcopy

shell32

Shell_MergeMenus
IsNetDrive
SHStartNetConnectionDialogW
DllRegisterServer
DragFinish
DragAcceptFiles
DAD_DragMove
PickIconDlg
SHChangeNotifyDeregister
SHChangeNotifyRegister
IsLFNDrive
Shell_GetCachedImageIndex
PathQualify
Shell_GetImageLists
DllUnregisterServer
DllGetClassObject
PifMgr_OpenProperties
DriveType
DllCanUnloadNow
SHCoCreateInstance
DAD_DragEnterEx
SHDefExtractIconW
SHILCreateFromPath
DllInstall
GetFileNameFromBrowse
DAD_DragLeave
DllGetVersion
RestartDialog

Sections

.textbss
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7b362a3e86d0ff144deb920e4ed06e57

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

kernel32

advapi32

dnsapi

rpcrt4

shell32

Sections

.textbss Size: - Virtual size: 104KB

.debug Size: 9KB - Virtual size: 9KB

.text Size: 512B - Virtual size: 454B

.idata Size: 69KB - Virtual size: 68KB

.rdata Size: 10KB - Virtual size: 10KB

.rsrc Size: 17KB - Virtual size: 17KB

.data Size: 11KB - Virtual size: 10KB

.textbss
Size: - Virtual size: 104KB

.debug
Size: 9KB - Virtual size: 9KB

.text
Size: 512B - Virtual size: 454B

.idata
Size: 69KB - Virtual size: 68KB

.rdata
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 17KB - Virtual size: 17KB

.data
Size: 11KB - Virtual size: 10KB