7d903d06e614af7332d4ede50e3622d9f325da01ddaf434f506bcb5ca50aa47b

Sharing

Copy URL Twitter E-mail

General

Target

7d903d06e614af7332d4ede50e3622d9f325da01ddaf434f506bcb5ca50aa47b
Size

59KB
MD5

7777dde01c2cc31a8a676edef7b66999
SHA1

67d02ea8aaa24d238d278d2ce82c11d7fa65f473
SHA256

7d903d06e614af7332d4ede50e3622d9f325da01ddaf434f506bcb5ca50aa47b
SHA512

833214f71014d2b402d5a91ea8eb36efade985ecca48be6bc60dbd73c18faa5597482d9693188d665f150a6286629032d886fc441374a24ac162b1d1ed7ff2fe
SSDEEP

768:dChCFwC8m4JJq+rFo22+KvobYzgBhEmZW4wZ7JiNKgWDRkij0a9TBa:d6m43p0V2ukQ9TY

Score

1^/10

Malware Config

Signatures

Files

7d903d06e614af7332d4ede50e3622d9f325da01ddaf434f506bcb5ca50aa47b
.exe windows x86

4558597b014fc5a8daa3b4d2d1cfa143

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetCandidateListCountA
ImmGetRegisterWordStyleA
ImmGetConversionStatus

shlwapi

StrStrIA

kernel32

WriteConsoleW
CloseHandle
lstrlenW
VirtualProtect
DeleteCriticalSection
lstrcpyW
CreateFileW
GetStringTypeW
LCMapStringEx
HeapReAlloc
HeapSize
GetConsoleCP
FlushFileBuffers
SetStdHandle
LoadLibraryW
OutputDebugStringW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
HeapAlloc
ReadFile
GetCommandLineA
IsProcessorFeaturePresent
EncodePointer
DecodePointer
GetLastError
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetConsoleMode
ReadConsoleW
SetFilePointer
SetFilePointerEx
GetFileType
InitOnceExecuteOnce
GetStartupInfoW
SetLastError
InterlockedIncrement
GetCurrentThreadId
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetModuleHandleW
HeapFree
Sleep
SetEndOfFile

shell32

Shell_NotifyIconA
DragQueryFile
Shell_NotifyIcon
SHBrowseForFolderA

mpr

WNetConnectionDialog1A
WNetCancelConnection2W
WNetGetLastErrorW
WNetGetResourceParentW

msacm32

acmFormatEnumW
acmStreamMessage
acmFormatTagEnumW
acmFormatTagEnumA
acmFormatTagDetailsA
acmFormatChooseA

setupapi

SetupQuerySourceListA
SetupDiGetDriverInstallParamsA
SetupDiClassGuidsFromNameA
SetupDiDeleteDevRegKey
SetupCloseInfFile

Exports

Exports

_CredPackAuthenticationBufferW@20
_CredUIParseUserNameW@20
_CredUIPromptForWindowsCredentialsW@36
_CredUIReadSSOCredW@8
_CredUIStoreSSOCredW@16
_CredUnPackAuthenticationBufferW@36

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4558597b014fc5a8daa3b4d2d1cfa143

Headers

DLL Characteristics

File Characteristics

Imports

imm32

shlwapi

kernel32

shell32

mpr

msacm32

setupapi

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 11KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 11KB

.reloc
Size: 7KB - Virtual size: 6KB