e38157836a5c9455a6a7a4bc54b3b99f9fcc52fadcad4fa701ad8544ad0667d7

Sharing

Copy URL Twitter E-mail

General

Target

e38157836a5c9455a6a7a4bc54b3b99f9fcc52fadcad4fa701ad8544ad0667d7
Size

77KB
MD5

25c144cfcb4b543e1279847dc524df97
SHA1

4595bb474ca02d334fa17897dc640b97b133276f
SHA256

e38157836a5c9455a6a7a4bc54b3b99f9fcc52fadcad4fa701ad8544ad0667d7
SHA512

ac4b8014e25c0e4056c9286e37c9c1f403797bc28a21685baf921c2d10a50ad184fa43a6aa7ce5ffcd484086cbb61869a4fc1f90d1bf200f3aa7ed7e52b3cf24
SSDEEP

768:aRcTKJDJuqwRMtJUVSztCXBuXUYAGer10NUbYUgEpsuPvjpNKNWUPrjH2gyKZsy/:i7JDJTjrrX5PeZgWsuPvIzr72umykA

Score

N/A

Malware Config

Signatures

Files

e38157836a5c9455a6a7a4bc54b3b99f9fcc52fadcad4fa701ad8544ad0667d7
.exe windows x86

bfbf5b1a1d8eb185472f9d140d7f5dbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateToolbarEx
ord17
CreateStatusWindowW

kernel32

MultiByteToWideChar
lstrlenW
GlobalUnlock
VirtualAlloc
lstrcatW
CloseHandle
GetWindowsDirectoryW
lstrcpyW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringEx
HeapSize
GetStringTypeW
WideCharToMultiByte
HeapReAlloc
HeapAlloc
RtlUnwind
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
lstrcmpW
Sleep
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
TerminateProcess
GetCurrentProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
InitOnceExecuteOnce
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetProcAddress
GetModuleHandleExW
ExitProcess
DecodePointer
EncodePointer
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
SetLastError
GetLastError
IsProcessorFeaturePresent
GetCommandLineW
CreateFileW
ReadFile
GetConsoleWindow
GlobalAlloc
EnumLanguageGroupLocalesW
GetProcessHeap
GlobalLock
HeapFree
CreateProcessW
WriteConsoleW
GetFileSize
IsValidCodePage

odbc32

ord152
ord233
ord16
ord135
ODBCInternalConnectW
ord44

setupapi

SetupInitializeFileLogW
SetupRemoveFromDiskSpaceListW
SetupDiOpenClassRegKey
SetupAdjustDiskSpaceListA
SetupDiOpenDeviceInfoA
SetupDiClassGuidsFromNameA
SetupDiGetHwProfileListExW

user32

LoadCursorFromFileA
GetKeyboardLayout
DestroyWindow
GetWindowTextLengthW
CloseClipboard
TranslateAcceleratorW
GetMessageW
PostQuitMessage
DialogBoxParamW
LoadCursorW
GetClientRect
SetFocus
GetMonitorInfoW
TranslateMessage
LoadAcceleratorsW
GetMenu
GetWindowTextW
EnableMenuItem
EmptyClipboard
GetDlgItem
EndDialog
CheckDlgButton
LoadStringW
ShowWindow
IsDlgButtonChecked
CreateWindowExW
OpenClipboard
MessageBoxW
RegisterClassW
IsWindowVisible
SendMessageW
UpdateWindow
SetClipboardData
SetWindowTextW
DefWindowProcW
CheckMenuItem
MoveWindow
DispatchMessageW
AppendMenuW
ShowWindowAsync
DdeQueryStringA
ActivateKeyboardLayout
IsClipboardFormatAvailable
ValidateRgn
wsprintfW

mapi32

ord188
ord62
ord159
ord68
ord172

ole32

OpenOrCreateStream
IsEqualGUID
HWND_UserFree
OleInitializeWOW
HBITMAP_UserMarshal
OleConvertOLESTREAMToIStorageEx
UtConvertDvtd16toDvtd32
CLSIDFromString
OleInitialize
OleUninitialize
HMENU_UserFree

ws2_32

gethostbyname
WSAEnumNameSpaceProvidersW
WSAResetEvent
send
WSASetBlockingHook

msacm32

acmDriverRemove
acmDriverAddA
acmStreamConvert
acmFormatChooseW
acmStreamReset

mpr

WNetEnumResourceW
WNetAddConnection2W
WNetAddConnectionW
WNetDisconnectDialog
WNetGetResourceParentW
WNetGetConnectionA
WNetGetResourceParentA

comdlg32

GetOpenFileNameW

advapi32

RegOpenKeyW
RegSetValueExW
RegCloseKey
RegEnumValueW
RegGetValueW
RegCreateKeyW
RegEnumKeyW
RegQueryValueW

shell32

ShellAboutW

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bfbf5b1a1d8eb185472f9d140d7f5dbc

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

odbc32

setupapi

user32

mapi32

ole32

ws2_32

msacm32

mpr

comdlg32

advapi32

shell32

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 8KB - Virtual size: 7KB