3e02aacab65bb5f72daf6590d702077e564302eb47ea89e618274068a471ee15

Sharing

Copy URL

Twitter E-mail

General

Target

3e02aacab65bb5f72daf6590d702077e564302eb47ea89e618274068a471ee15
Size

470KB
MD5

6a5a9f569c4636b51bd64355b7969b16
SHA1

bb366442fb89833c9a5e0446f23d2cb27e740613
SHA256

3e02aacab65bb5f72daf6590d702077e564302eb47ea89e618274068a471ee15
SHA512

3c04c8eb6f5c30bdddb43afb2b7a98d1bfd15c849319999a90c23fdd6ff5cc1222920d3956071650ddc62c2a5f9bd8aeeb5f5edd256546e9643d432cd69a7382
SSDEEP

12288:VQbkGjWIRZK4JeKe8hxTeUbvvL42B3bH:VpGrLZJeKJxTzk2BT

Score

N/A

Malware Config

Signatures

Files

3e02aacab65bb5f72daf6590d702077e564302eb47ea89e618274068a471ee15
.exe windows x86

2b0658217020fbdfc378bd6d6b2ee7a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

ole32

CoUninitialize
OleTranslateAccelerator
CoQueryAuthenticationServices
CoQueryProxyBlanket
CoReleaseMarshalData
StringFromCLSID
CreateStreamOnHGlobal
OleBuildVersion
CoResumeClassObjects
CoInitialize
CoGetCancelObject
PropSysFreeString
SNB_UserFree
StgOpenStorageOnILockBytes
WriteClassStm

user32

PostThreadMessageA
GetSysColorBrush
DestroyAcceleratorTable
GetMenu
IsChild
GetProcessDefaultLayout
HideCaret
GetDC
CharLowerBuffW

shlwapi

StrCSpnA
PathStripToRootW
StrRetToStrA
StrStrIW
PathStripPathA
StrRStrIA
PathGetDriveNumberA
PathRemoveBlanksA
UrlIsOpaqueW
PathStripToRootA
StrStrIA
PathFindFileNameA
PathFindExtensionW
StrCSpnW
PathRemoveExtensionW
UrlCreateFromPathW
PathFindFileNameW
PathGetDriveNumberW
SHAutoComplete
StrStrA
PathRemoveBlanksW
PathStripPathW
PathUndecorateA
StrStrW
StrTrimA
PathSkipRootW
StrCmpIW
PathSkipRootA
StrToInt64ExW
StrCmpW
PathAddExtensionA
PathBuildRootW
StrRChrA
StrTrimW
PathRemoveExtensionA
PathFindExtensionA

kernel32

GetSystemTime
ResetEvent
GetModuleHandleA
GetProcessHeap
lstrcmpA
HeapAlloc
SetEvent
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
VirtualAlloc
GetVersionExW
GetCurrentProcess
GetStartupInfoW
GetStartupInfoA
CreateEventA
QueryPerformanceCounter
GetCurrentProcessId
CloseHandle
lstrlenA
HeapFree

msvcrt

__p__fmode
_adjust_fdiv
__set_app_type
__getmainargs
__setusermatherr
_controlfp
__p__commode
exit
_except_handler3
_initterm
_exit
_XcptFilter
_acmdln

olepro32

DllRegisterServer
OleCreatePictureIndirect
DllUnregisterServer
OleLoadPicture
OleTranslateColor
OleCreatePropertyFrame
OleIconToCursor
OleCreatePropertyFrameIndirect
DllGetClassObject
OleCreateFontIndirect

comctl32

InitCommonControls
ImageList_SetImageCount
ImageList_GetBkColor
ImageList_DragMove
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_SetIconSize
DrawStatusTextW

gdi32

CreatePalette
CreateSolidBrush
CreatePen
CreateBrushIndirect
SelectObject
CreateFontIndirectA
GetStockObject
DeleteObject
EqualRgn

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b0658217020fbdfc378bd6d6b2ee7a8

Headers

DLL Characteristics

File Characteristics

Imports

ole32

user32

shlwapi

kernel32

msvcrt

olepro32

comctl32

gdi32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 75KB - Virtual size: 75KB

.data Size: 363KB - Virtual size: 363KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 75KB - Virtual size: 75KB

.data
Size: 363KB - Virtual size: 363KB

.reloc
Size: 7KB - Virtual size: 6KB