7979ddfd1689dd09d1f3dc50cd804021ed5a705e86401e1296ebb0ea39828960

Sharing

Copy URL Twitter E-mail

General

Target

7979ddfd1689dd09d1f3dc50cd804021ed5a705e86401e1296ebb0ea39828960
Size

135KB
MD5

9a39158a8096e22a26d5c454d186a096
SHA1

a29fdeaacf6aef285979f0997dddedbc7773e641
SHA256

7979ddfd1689dd09d1f3dc50cd804021ed5a705e86401e1296ebb0ea39828960
SHA512

863d015cd137cc2dd00a5b141e3df9bcbfb9a28747b14180d4556392af32a6a363cd93940051d51a7612cac33b531f9d24f6d9bec430a2d6b73a4e2d34912532
SSDEEP

1536:OF3Y92PkWSKmhpsFqcb7Qh7nnMhVf8VFhqCa1j69Uecr/ijsWjcdRUqjKo54:83YcPkW7FJbcVMDf8jijSUfVSqOo5

Score

N/A

Malware Config

Signatures

Files

7979ddfd1689dd09d1f3dc50cd804021ed5a705e86401e1296ebb0ea39828960
.exe windows x86

28c3ad3e383176fee1d0d2b22366abda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
CreateMutexW
FreeLibrary
GetModuleHandleW
GetSystemInfo
SetUnhandledExceptionFilter
FatalAppExitW
lstrcmpiW
GetCurrentThreadId
GetCurrentProcessId
GetSystemTime
WriteProcessMemory
LeaveCriticalSection
FlushInstructionCache
SetLastError
EnterCriticalSection
GlobalReAlloc
LocalFree
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LoadLibraryExW
LCMapStringW
GlobalUnlock
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
CloseHandle
DeleteCriticalSection
DecodePointer
GlobalFree
HeapSize
GetProcAddress
GetLastError
VerifyVersionInfoW
RaiseException
lstrlenW
InitializeCriticalSectionEx
MultiByteToWideChar
lstrcmpW
CreateFileW
GetModuleFileNameW
MulDiv
HeapReAlloc
LoadLibraryW
GlobalAlloc
WriteFile
GetProcessHeap
GlobalLock
HeapFree
GetCurrentProcess
VerSetConditionMask
HeapAlloc
GetStdHandle
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
WideCharToMultiByte
GetModuleHandleExW
ExitProcess
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
EncodePointer
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent

user32

MessageBoxW
GetDesktopWindow
SendMessageW
ReleaseDC
GetDC
wsprintfW
MapDialogRect
DialogBoxIndirectParamW
SetForegroundWindow
LoadIconW
SetRect
SetWindowLongW
EndDialog
SendDlgItemMessageW
ShowWindow
GetActiveWindow
CreateWindowExW
GetDlgCtrlID
UnregisterClassW

gdi32

SetBkColor
DeleteObject
CreateFontW
CreateSolidBrush
EnumFontFamiliesW
GetDeviceCaps
SetTextColor

advapi32

RegCreateKeyExW
ControlService
RegDeleteTreeW
StartServiceW
OpenServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDeleteKeyW
RegQueryValueExW

shell32

Shell_NotifyIconW

ole32

CoCreateInstance
CoUninitialize
CLSIDFromString
CoInitializeEx

shlwapi

PathStripPathW
PathAppendW
PathRemoveFileSpecW
PathRemoveExtensionW

dbghelp

MiniDumpWriteDump

comctl32

ord17

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28c3ad3e383176fee1d0d2b22366abda

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

dbghelp

comctl32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 23KB - Virtual size: 23KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 23KB - Virtual size: 23KB

.reloc
Size: 6KB - Virtual size: 5KB