11b8943f01a1648a55b3bcda7e6ed9595ae2096a5915ce6ad3b80b60f7758fca

Sharing

Copy URL Twitter E-mail

General

Target

11b8943f01a1648a55b3bcda7e6ed9595ae2096a5915ce6ad3b80b60f7758fca
Size

96KB
MD5

8c44781bc0ed7b554fd541836f66972b
SHA1

6fd4fcf2c926816f93155826f82b5d8a2c7858c7
SHA256

11b8943f01a1648a55b3bcda7e6ed9595ae2096a5915ce6ad3b80b60f7758fca
SHA512

c41bc15c23af561446cec6eeae09a29589f0d08c6c1b8e9a0be9b6b43677a3d3e5bd50968af55635682579824501f9ddf91695ae813d07964b09e287d5457c01
SSDEEP

3072:0kwgCRShvGyDYFzOk+lRbuVaRNYNF2FxP9UWEkEATzpWCzObL:EBRKHYFSk+lRCViy+8kpzpWcS

Score

N/A

Malware Config

Signatures

Files

11b8943f01a1648a55b3bcda7e6ed9595ae2096a5915ce6ad3b80b60f7758fca
.exe windows x86

6e71eae8753144c6df2e93c2287f304c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
TerminateProcess
WaitForSingleObject
ResumeThread
SetThreadContext
WriteProcessMemory
GetProcAddress
GetModuleHandleW
VirtualProtectEx
VirtualAllocEx
VirtualAlloc
DefineDosDeviceW
GetDiskFreeSpaceExW
DeviceIoControl
GetDriveTypeW
Sleep
GetLogicalDrives
GetLastError
GetLogicalDriveStringsW
FreeLibrary
LoadLibraryW
SetLastError
GlobalMemoryStatusEx
GetTickCount
GlobalFree
GlobalUnlock
GlobalLock
GetThreadContext
CreateToolhelp32Snapshot
OpenProcess
GetCurrentProcessId
Process32NextW
Process32FirstW
SetFileAttributesW
GetFileAttributesW
SetEnvironmentVariableW
PulseEvent
FindClose
FindNextFileW
FindFirstFileW
ExpandEnvironmentStringsW
ResetEvent
CreateEventW
SetProcessWorkingSetSize
QueryDosDeviceW
RemoveDirectoryW
CopyFileW
SearchPathW
SetSystemPowerState
GetModuleFileNameA
SetCurrentDirectoryW
GetLocalTime
GetCommandLineW
GetStartupInfoW
GetModuleFileNameW
GetCurrentProcess
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceW
CreateProcessW
GetSystemDefaultLangID
ReadProcessMemory
VirtualQueryEx
CreateThread
GetCurrentDirectoryW
CreateDirectoryW
GetFileAttributesExW
DeleteFileW
GetFileSize
SetFilePointer
ReadFile
CloseHandle
CreateFileW
lstrcmpiW
lstrcmpW
lstrcatW
lstrcpyW
lstrlenW
lstrcatA
lstrlenA
WideCharToMultiByte
GlobalAlloc
MultiByteToWideChar

user32

CreatePopupMenu
AppendMenuW
DestroyMenu
GetClientRect
GetWindowThreadProcessId
FindWindowExW
LoadIconW
wsprintfW
GetWindowTextW
CallWindowProcW
GetKeyState
MessageBoxW
CharUpperW
CreateMenu
UnregisterHotKey
SetFocus
GetKeyboardState
GetAsyncKeyState
EqualRect
GetSystemMetrics
SetRectEmpty
CopyRect
SetActiveWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SendMessageTimeoutW
DestroyWindow
GetParent
DialogBoxParamW
SetCursor
GetMessageW
TranslateMessage
DispatchMessageW
GetDlgItem
SetDlgItemTextW
DefWindowProcW
GetWindowLongW
SetWindowLongW
RegisterHotKey
DestroyIcon
KillTimer
SetTimer
ShowWindow
GetWindowRect
PtInRect
LoadCursorW
RegisterClassExW
CreateWindowExW
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageW
LoadStringW
FindWindowW
keybd_event
ChangeDisplaySettingsW
EnumDisplaySettingsW
DialogBoxIndirectParamW
InvalidateRect
GetDC
ReleaseDC
EndDialog
SetWindowPos
FillRect
BeginPaint
EndPaint
PostQuitMessage
SetLayeredWindowAttributes
DrawTextW
SetWindowTextW
SendMessageW
EnableWindow
EnableMenuItem
DrawIconEx

gdi32

SetBkColor
AddFontResourceW
DeleteObject
CreateSolidBrush
SetBkMode
SetTextColor
SelectObject
GetStockObject
CreateFontW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

ControlService
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenSCManagerW
OpenServiceW
CloseServiceHandle
StartServiceW

shell32

SHGetSpecialFolderPathW
SHFileOperationW
SHGetFileInfoW
ExtractIconW
Shell_NotifyIconW
DragAcceptFiles
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
DragFinish
DragQueryFileW
SHChangeNotify

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal

shlwapi

StrCpyNW
StrCmpNIW
StrChrW
StrRChrW
StrStrW
StrStrIW
StrToIntExW
SHDeleteValueW
SHDeleteKeyW
SHSetValueW
SHGetValueW
StrToIntW
StrCmpNW

msvcrt

_exit
??1type_info@@UAE@XZ
_gcvt
atof
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
memmove
memcpy
memset
free
realloc
malloc
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter

setupapi

SetupDiGetINFClassW
SetupIterateCabinetW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW

Sections

WCMD
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e71eae8753144c6df2e93c2287f304c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

msvcrt

setupapi

Sections

WCMD Size: 66KB - Virtual size: 66KB

.data Size: 512B - Virtual size: 7KB

.rsrc Size: 29KB - Virtual size: 32KB

WCMD
Size: 66KB - Virtual size: 66KB

.data
Size: 512B - Virtual size: 7KB

.rsrc
Size: 29KB - Virtual size: 32KB