153b2ab3e0de76cc781cf4b7c46683e7210fe2373d8aba2f9c09641b612d9b92

Sharing

Copy URL

Twitter E-mail

General

Target

153b2ab3e0de76cc781cf4b7c46683e7210fe2373d8aba2f9c09641b612d9b92
Size

464KB
MD5

a35977dcdc88f1316cfa9cd087f93e87
SHA1

7452a109a52aafc42a17d031f9b39e35bfcb21ee
SHA256

153b2ab3e0de76cc781cf4b7c46683e7210fe2373d8aba2f9c09641b612d9b92
SHA512

29ef59871521381fe383f2b190ed9109e91ad03f1805d9ad38835600fc249f54beb26c62375fafe13fa841add118d26f7c70518e7d3cc76a90fad4363a06d0eb
SSDEEP

12288:3Y3Vk9CGTYgmNqRIDfdY+mS2DphhOoRjsx8IF:3YuAXgKqRodYa2Dpvlm8IF

Score

N/A

Malware Config

Signatures

Files

153b2ab3e0de76cc781cf4b7c46683e7210fe2373d8aba2f9c09641b612d9b92
.exe windows x86

e0e124545f91e4352f52227d5bf0f059

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

getpathfromidlistw

SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecFileInfoW
SHGetFileInfoW

iidfromstring

TaskMemFree
pecialFolderLocation
cuteExW
istW

2

ord17
OleInitialize
g

arprevw

ageList_Create
t_Destroy
ImageList_AddMasked
tGetWindowRect
emTextW
W
tDlgItemTextW
etrics
PopupMenu
pendMenuW
ackPopupMenu
�OpenClipboard
dMasked
lipboardData
eClipboard
owVisible
tMessagePos
eckDlgButton
�LoadCursorW
Color
dowPos
dowLongW
abled
�IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
IndirectW
ScreenToClient
W
emParametersInfoW
teWindowExW
InfoW
xParamW
x
dow
mW
V
zSetTimer
SetWindowTextW
stQuitMessage
tForegroundWindow
Window
�wsprintfW
ndMessageTimeoutW
em
ageW
GetDC
*ReleaseDC
EnableWindow
InvalidateRect
ndMessageW
cW
DefWindowProcW

TextW
�
COMCTL32.dll
ndowProcW
�

)

ageW
ntIndirectW
kMode
MessageW
SelectObject
extColor
A
NextA

ss

catW
toryW
pMoveFileExW
eFile
tTempFileNameW
trcmpiA
SetCurrentDirectoryW
eateProcessW
eateDirectoryW
tError
eateThread
GlobalLock
ceW
PGetDiskFreeSpaceW
CharToMultiByte
trcpynW
�lstrlenW
ExW
mandLineW
hW
�GetTempPathW
dowsDirectoryW
riableW
SetEnvironmentVariableW
ess
urrentProcess
GetModuleFileNameW
tFileSize
eateFileW
�GetTickCount
eAttributesW
tesW
GetFileAttributesW
ntDirectoryW
hIndirect
hNameW
PathNameW
�SearchPathW
areFileTime
SetFileTime
cmpiW
trcmpW
nmentStringsW
�
�GlobalFree
GlobalAlloc
eHandleW
TLoadLibraryExW
�
ofileStringW
gW
rivateProfileStringW
rectoryW
trlenA
le
e
W
tFileW
W
lDiv
I32.dll
SetBkColor
�

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0e124545f91e4352f52227d5bf0f059

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

getpathfromidlistw

iidfromstring

2

arprevw

)

ss

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 128KB

.ndata Size: - Virtual size: 64KB

.rsrc Size: 208KB - Virtual size: 207KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 128KB

.ndata
Size: - Virtual size: 64KB

.rsrc
Size: 208KB - Virtual size: 207KB