DotNetExp[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

DotNetExp.exe
Size

1.9MB
MD5

adf4992985a7c26c523556ec676e9a63
SHA1

3d799d9fb58dcd03b6d7a7bf4bc4b83083c805b2
SHA256

48ddef8c838bb8bfdab45076ad1f888a56a02c780757b37ceddc4e3099ce0903
SHA512

16ce2eea8482b1e5e4c20f451b491629f4fe6e24febe0de00ae4f35f61ce0b0691c05ad0d7687249231cc4dcde69784ca7e345494659a114f5b00a34799f39e4
SSDEEP

49152:t1AbpCvQrT4wCAFVWqm6xavtttttt4kaalB2:kbpCvQ3+AFVWX6xaAkaa

Score

N/A

Malware Config

Signatures

Files

DotNetExp.exe
.exe windows x86

1e4f290b6d368d8d5075af61adb5d7ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
SetStdHandle
SetConsoleCtrlHandler
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
GetCurrentThread
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
VirtualProtect
GetSystemInfo
SetFilePointerEx
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
RtlUnwind
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
IsDebuggerPresent
SetFilePointer
ReadFile
WriteProcessMemory
ReadProcessMemory
GetProcessTimes
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
CreateFileW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
Module32NextW
Module32FirstW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
QueryFullProcessImageNameW
OpenProcess
ProcessIdToSessionId
CloseHandle
VerifyVersionInfoW
lstrcmpW
MulDiv
LoadLibraryW
VirtualQuery
GetCurrentProcessId
VerSetConditionMask
lstrlenW
MultiByteToWideChar
lstrcmpiW
LoadLibraryExW
GetProcAddress
GetFileSizeEx
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
WriteConsoleW
SetLastError
GetLastError
RaiseException
DecodePointer
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
TlsFree
HeapDestroy

user32

UnhookWindowsHookEx
SetWindowsHookExW
GetWindowThreadProcessId
GetClassNameW
GetDesktopWindow
PtInRect
OffsetRect
InflateRect
SetRectEmpty
CallNextHookEx
FrameRect
FillRect
GetSysColor
SystemParametersInfoW
ScreenToClient
ClientToScreen
GetCursorPos
SetCursorPos
MessageBeep
MessageBoxW
SetRect
LoadIconW
LockWindowUpdate
SetWindowPos
EndDialog
GetClientRect
GetWindowRect
MapWindowPoints
GetWindowLongW
MonitorFromPoint
WindowFromPoint
EnableWindow
AdjustWindowRectEx
RedrawWindow
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
UpdateWindow
DrawTextW
SetMenuDefaultItem
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenuEx
DeleteMenu
RemoveMenu
GetParent
GetWindow
MonitorFromWindow
CreateDialogParamW
GetSubMenu
GetMonitorInfoW
LoadStringW
GetMessageW
TranslateMessage
DispatchMessageW
ModifyMenuW
AppendMenuW
GetMenuItemCount
GetMenuItemID
CheckMenuRadioItem
EnableMenuItem
CreatePopupMenu
SetMenu
GetMenu
TranslateAcceleratorW
IsWindowEnabled
ReleaseCapture
SetCapture
GetCapture
GetKeyState
GetFocus
GetActiveWindow
CharLowerW
GetDlgCtrlID
DialogBoxParamW
IsWindowVisible
IsMenu
PostQuitMessage
PostMessageW
GetMessagePos
DrawFrameControl
DrawEdge
TrackMouseEvent
RegisterWindowMessageW
LoadStringA
SetCursor
GetSysColorBrush
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
KillTimer
SetTimer
SetFocus
SetDlgItemTextW
GetDlgItem
CallWindowProcW
SendMessageW
LoadImageW
LoadCursorW
SetWindowLongW
DestroyMenu
LoadMenuW
GetSystemMetrics
LoadAcceleratorsW
CharNextW
ShowWindow
DestroyWindow
IsWindow
CreateWindowExW
GetClassInfoExW
RegisterClassExW
UnregisterClassW
DefWindowProcW
PeekMessageW

gdi32

SetBrushOrgEx
SetViewportOrgEx
Polygon
MoveToEx
GetObjectW
CreateDIBSection
SetTextColor
SetBkMode
SetBkColor
SelectObject
Rectangle
PatBlt
LineTo
GetCurrentObject
DeleteDC
DeleteObject
BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
CreateSolidBrush
CreatePatternBrush

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey

shell32

ExtractIconExW

ole32

CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoUninitialize

oleaut32

VarUI4FromStr
SysFreeString

comctl32

ImageList_AddMasked
ImageList_Draw
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
InitCommonControlsEx
ImageList_DrawIndirect
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
CreateStatusWindowW
ImageList_GetImageCount

uxtheme

IsThemeActive
IsAppThemed

msimg32

GradientFill

ntdll

NtResumeProcess
NtSuspendProcess

dbgeng

DebugCreate

Sections

.text
Size: 616KB - Virtual size: 616KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e4f290b6d368d8d5075af61adb5d7ca

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

uxtheme

msimg32

ntdll

dbgeng

Sections

.text Size: 616KB - Virtual size: 616KB

.rdata Size: 105KB - Virtual size: 104KB

.data Size: 10KB - Virtual size: 15KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 27KB - Virtual size: 27KB

.text
Size: 616KB - Virtual size: 616KB

.rdata
Size: 105KB - Virtual size: 104KB

.data
Size: 10KB - Virtual size: 15KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 27KB - Virtual size: 27KB