261dad51ed4a59f521700e8fde6e8cb10ca20c495693b1c76141a27763d0d53a

Sharing

Copy URL

Twitter E-mail

General

Target

261dad51ed4a59f521700e8fde6e8cb10ca20c495693b1c76141a27763d0d53a
Size

47KB
MD5

df3ab26df5676821215cec5a6ee97af7
SHA1

96f972b5d8b2899cdfcfc496c7a392da92c69825
SHA256

261dad51ed4a59f521700e8fde6e8cb10ca20c495693b1c76141a27763d0d53a
SHA512

da027256a7242ce92fcd501868ed3892a1a6be48879251c4b6eb78008092d6b6147881fc022faaead18af0f517b64d96d5a459575132fdeb40ad955844db1504
SSDEEP

768:CI+zqnsBtI6MUCTtmVsoOLE3h4y7Xgzql/QjYtnHMxOKdK/N93JIJgtcxoY2j:CI+zqnsBtI6MUCTtWsoOLE3hfT4s2zxo

Score

N/A

Malware Config

Signatures

Files

261dad51ed4a59f521700e8fde6e8cb10ca20c495693b1c76141a27763d0d53a
.exe windows x86

f5b382a07c5e19a3be2876efbb508616

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
ExitProcess
GetLastError
GetConsoleCP
GetACP
SetLastError
LoadResource
lstrlenA
BasepCheckWinSaferRestrictions
OpenEventA
VerLanguageNameA
SetThreadAffinityMask

user32

GetKeyboardType
CheckDlgButton
IsWindow
ReleaseCapture
GetSysColorBrush
SendMessageCallbackW
GetIconInfo

comctl32

InitCommonControls
ImageList_EndDrag
DrawStatusTextA
DrawStatusText
DSA_GetItemPtr
_TrackMouseEvent

oledlg

OleUIPromptUserW
OleUIChangeSourceA
OleUIChangeSourceW
OleUIPromptUserA

msimg32

AlphaBlend
DllInitialize
vSetDdrawflag
TransparentBlt

imagehlp

SymFindFileInPath
ImageRvaToSection

comdlg32

ReplaceTextA
ChooseFontW
ReplaceTextW
GetOpenFileNameW

winmm

joyGetPos
joySetCapture
waveInGetPosition

gdiplus

GdipCreateFontFamilyFromName
GdipDrawBezierI
GdipTranslateMatrix
GdipTestControl
GdipSetLineColors

oleaut32

VarCyFromUI8
SysAllocStringLen
DosDateTimeToVariantTime

advapi32

InitializeAcl
AddAuditAccessAceEx
RegNotifyChangeKeyValue

version

GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerFindFileW
VerQueryValueA

oleacc

ObjectFromLresult
AccessibleObjectFromPoint
AccessibleObjectFromWindow
GetOleaccVersionInfo
LIBID_Accessibility
IID_IAccessible

shell32

RealShellExecuteA
PickIconDlg
StrRStrIW
SHILCreateFromPath
SHHelpShortcuts_RunDLLW

gdi32

ResetDCW
FONTOBJ_vGetInfo
DdEntry14
CreateRoundRectRgn
GdiGetLocalBrush
EngCreateDeviceSurface

winspool.drv

GetDefaultPrinterA
WaitForPrinterChange
DeletePrinterDataW
SetPrinterW
IsValidDevmodeA
DeletePrinterDataExA
EnumMonitorsW

shlwapi

SHFreeShared
StrCatW
PathCreateFromUrlA
SHRegSetPathW

ole32

StgCreateDocfile
HGLOBAL_UserMarshal
IsValidIid
UtGetDvtd32Info
HMENU_UserUnmarshal
OleGetClipboard
OleCreateLinkFromDataEx
OleCreateFromFile
OleSetAutoConvert

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5b382a07c5e19a3be2876efbb508616

Headers

File Characteristics

Imports

kernel32

user32

comctl32

oledlg

msimg32

imagehlp

comdlg32

winmm

gdiplus

oleaut32

advapi32

version

oleacc

shell32

gdi32

winspool.drv

shlwapi

ole32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 32KB

.tls Size: - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 32KB

.tls
Size: - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 1KB