dnchwhoy[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

dnchwhoy.exe
Size

99KB
MD5

55cb88569215510d5cbef8e9a46015c1
SHA1

e23bcfde938d5230c70dac5f418bb3e822d66def
SHA256

3d07a3d7a1ac7d6ce2955ca08cd7ff7616a2b20066622ee0b25db9ba25ae9749
SHA512

7ee44397a05a079dd5542e4708a5e2a15f19f20a14fe632862e36e1f305e153551e090ee842a1bafdec8cfb6767089583226101c38435c77ad9bc19ef96af7a1
SSDEEP

1536:9BlorvbB16VNo62Oz8l2oNf6kqZ9bkB2xo5ltBAkzbqvI:blorvH6lYAICkq7xo5lnAknqvI

Score

1^/10

Malware Config

Signatures

Files

dnchwhoy.exe
.exe windows x86

edc673ee53de1d117a1344b9a2d0b520

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

WriteConsoleW
GetStringTypeW
LCMapStringEx
HeapReAlloc
HeapSize
FlushFileBuffers
SetStdHandle
GetConsoleCP
CreateFileW
GetCurrentProcessId
LoadLibraryW
OutputDebugStringW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
Sleep
FlsFree
FlsSetValue
CloseHandle
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
GetCurrentThreadId
InterlockedIncrement
SetLastError
GetStartupInfoW
InitOnceExecuteOnce
DeleteCriticalSection
GetFileType
SetFilePointerEx
SetFilePointer
ReadConsoleW
GetConsoleMode
RtlUnwind
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
IsDebuggerPresent
GetModuleFileNameW
WriteFile
GetStdHandle
MultiByteToWideChar
AreFileApisANSI
GetProcAddress
GetModuleHandleExW
ExitProcess
InterlockedDecrement
DecodePointer
EncodePointer
GetCommandLineA
ReadFile
VirtualProtect
CreateEventW
EnterCriticalSection
GetLastError
lstrcmpW
TerminateProcess
SetEndOfFile
LeaveCriticalSection
GetVersionExW
OpenProcess
InitializeCriticalSection
GetProcessHeap
GetModuleHandleW
SetEvent
HeapFree
GetCurrentProcess
HeapAlloc
CreateProcessW
SetPriorityClass
FlsGetValue

mapi32

ord206
ord157
ord153
ord43
ord189
ord35
ord133
ord131
ord66

mscms

AssociateColorProfileWithDeviceW
RegisterCMMW
RegisterCMMA
EnumColorProfilesW
SetStandardColorSpaceProfileA

comdlg32

ChooseColorW
FindTextA
PageSetupDlgW

rtm

RtmBlockConvertRoutesToStatic
RtmCloseEnumerationHandle
RtmGetNetworkCount
RtmBlockSetRouteEnable
RtmLookupIPDestination

ws2_32

WSAEnumProtocolsA
getservbyport
WSAAddressToStringA
WSALookupServiceNextA
socket
WSADuplicateSocketW

ole32

EnableHookObject
OpenOrCreateStream
OleInitialize
CreateBindCtx

resutils

ResUtilGetResourceNameDependency
ResUtilGetBinaryProperty
ResUtilSetSzValue
ResUtilGetPropertiesToParameterBlock

user32

GetDC
BeginPaint
LoadIconW
GetWindowPlacement
TrackPopupMenuEx
GetMenu
wsprintfW
GetClientRect
SetRect
CheckMenuRadioItem
LoadMenuW
CascadeWindows
BringWindowToTop
GetWindowLongW
TileWindows
ReleaseDC
DeleteMenu
GetDlgItem
SetWindowLongW
EndDialog
GetSysColor
SetWindowPos
GetCursorPos
LoadStringW
ShowWindow
SetMenuDefaultItem
MessageBoxW
IsWindowVisible
SendMessageW
DestroyMenu
DestroyIcon
WinHelpW
DefWindowProcW
CheckMenuItem
GetWindowThreadProcessId
LoadStringA
SetForegroundWindow
GetSubMenu
KillTimer
IsZoomed
PostMessageW
IsIconic
OpenIcon
SetTimer
EndPaint
GetMenuState
DialogBoxParamW

gdi32

SetBkColor
ExtTextOutW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
LookupPrivilegeValueW
RegOpenKeyExW
AdjustTokenPrivileges
OpenProcessToken
RegCloseKey

shell32

Shell_NotifyIconW

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edc673ee53de1d117a1344b9a2d0b520

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

mapi32

mscms

comdlg32

rtm

ws2_32

ole32

resutils

user32

gdi32

advapi32

shell32

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 27KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 27KB

.reloc
Size: 10KB - Virtual size: 9KB