d92ef163cff223890ca17b02cf23826065f5e27931193aab87909ee5eb625e01

Sharing

Copy URL

Twitter E-mail

General

Target

d92ef163cff223890ca17b02cf23826065f5e27931193aab87909ee5eb625e01
Size

56KB
MD5

835ae49428df3d8aba1ac0929e8aecbc
SHA1

627074d0fd70c678c1acea4475ac4728f063a39c
SHA256

d92ef163cff223890ca17b02cf23826065f5e27931193aab87909ee5eb625e01
SHA512

0d0a5c3202048e057e77be934272f1a2604d5db7033c3101ef93f2f3803b580e2a14ebfd16768437c5e3f300183ba9c81fd6eeb1c19d6915b3983518c5cede64
SSDEEP

768:FD5fyaLHKV8P1UcshmB4qNJLsrYg0CUXVW1i5euc35NvYMtoh+WEX5:XfyeKU1Uv+NJLmYg0BlWHuC5fo25

Score

N/A

Malware Config

Signatures

Files

d92ef163cff223890ca17b02cf23826065f5e27931193aab87909ee5eb625e01
.exe windows x86

4648d5b791ed19269892c21b53b2b064

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmRequestMessageW
ImmUnregisterWordW
ImmCreateSoftKeyboard
ImmIsUIMessageA
ImmSetCompositionWindow
ImmGetGuideLineW
ImmIsUIMessageW
ImmGetConversionListA
ImmRequestMessageA
ImmGetDescriptionW

shlwapi

StrCmpNIW
PathRenameExtensionW
UrlEscapeA
SHSetValueA
SHRegQueryUSValueA
StrFromTimeIntervalW
StrRChrA

kernel32

CreateFileA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryW
GetTempFileNameW
GetTempPathW
ExitProcess
Wow64RevertWow64FsRedirection
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetCommandLineW
Wow64DisableWow64FsRedirection
GetSystemDirectoryW
IsWow64Process
GetCurrentProcess
VirtualAlloc
Sleep
GetTickCount
GetConsoleWindow
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
CreateFileW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
RtlUnwind
SetFilePointer
GetStartupInfoA
GetFileType
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ReadFile
GetModuleFileNameA
GetStdHandle
WriteFile
GetProcAddress
GetModuleHandleW
HeapCreate
HeapAlloc
GetLastError
HeapFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
HeapReAlloc

shell32

ExtractIconEx
FindExecutableA
ExtractIconA

pdh

PdhLookupPerfNameByIndexW
PdhSetQueryTimeRange
PdhEnumObjectItemsA
PdhGetFormattedCounterArrayW
PdhFormatFromRawValue
PdhMakeCounterPathW

rtm

MgmGetNextMfe
RtmBlockDeleteRoutes
RtmGetFirstRoute
RtmCreateEnumerationHandle
RtmDeleteRoute

mscms

CreateMultiProfileTransform
GetStandardColorSpaceProfileA
IsColorProfileValid
AssociateColorProfileWithDeviceA
CheckBitmapBits
GetPS2ColorRenderingIntent
GetStandardColorSpaceProfileW

oleaut32

SafeArrayAccessData
VarBstrFromR8
VarR4FromI4
VarDateFromUdate
VarDateFromI2
SafeArrayPtrOfIndex
VarR8Pow
VarCyInt
VarI4FromStr

mpr

WNetGetLastErrorW
WNetGetProviderNameW
WNetCancelConnection2W
WNetGetUniversalNameW
WNetAddConnection3A
WNetDisconnectDialog1A
WNetGetResourceInformationA
WNetOpenEnumA
WNetGetLastErrorA

msacm32

acmFormatDetailsW
acmFilterDetailsW
acmStreamOpen
acmStreamPrepareHeader
acmStreamClose
XRegThunkEntry
acmMetrics
acmFormatEnumA
acmFormatEnumW
acmFormatDetailsA

user32

ShowWindow

ole32

CoInitialize

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4648d5b791ed19269892c21b53b2b064

Headers

DLL Characteristics

File Characteristics

Imports

imm32

shlwapi

kernel32

shell32

pdh

rtm

mscms

oleaut32

mpr

msacm32

user32

ole32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 11KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 11KB