877c735650488f81807239a0ca564c8faa660a8c9141a9aba2049b9fe1d5b2fb

Sharing

Copy URL

Twitter E-mail

General

Target

877c735650488f81807239a0ca564c8faa660a8c9141a9aba2049b9fe1d5b2fb
Size

1.1MB
MD5

e3648731a36105980f5fae6b4afe614b
SHA1

85db743d14fbd83f893ec34dbdf57d0344e16156
SHA256

877c735650488f81807239a0ca564c8faa660a8c9141a9aba2049b9fe1d5b2fb
SHA512

dcf4742b7c059f4580d9bbee1c5e444eb37bc1ab4c183bb7697ac33cc8d74a2d2ad9016ba1dc6429deb31d7fc1cd101d3544806411682d49147b4fc08b0eea2f
SSDEEP

12288:3qhfOhBJUmIa4cQ5VSdQpRSZZLPwPqnk7HLhPQ9dLz6D:I9dXrEEw/PwP4k71I9dLz6D

Score

N/A

Malware Config

Signatures

Files

877c735650488f81807239a0ca564c8faa660a8c9141a9aba2049b9fe1d5b2fb
.exe windows x86

946656b2bc816d25554d4eb65c7b3f5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetVersion
GetCurrentProcess
VirtualAlloc
VirtualProtect
LoadLibraryA
GetProcAddress
ExitProcess
GetLastError
lstrlenA
lstrcatA
LZInit
LockFile
TerminateJobObject
GetFileType
BaseQueryModuleData
FreeEnvironmentStringsW
EnumSystemCodePagesW

comctl32

InitCommonControls
ImageList_ReplaceIcon
PropertySheetA
FlatSB_SetScrollInfo
DrawStatusTextA
FlatSB_GetScrollInfo
FlatSB_EnableScrollBar
DPA_DeletePtr
DSA_Create
DPA_GetPtr
FlatSB_GetScrollPos

ole32

SNB_UserMarshal
CoDisconnectObject
SetDocumentBitStg
CreateBindCtx
CoRegisterMessageFilter
PropSysFreeString
OleCreateEmbeddingHelper
OleCreateEx
HICON_UserSize
OleInitialize
DllGetClassObject

comdlg32

GetOpenFileNameW
ChooseColorW
ChooseFontA
CommDlgExtendedError
PrintDlgW

user32

DdePostAdvise
SetWindowsHookW
ChangeMenuA
GrayStringW
CharUpperBuffW
DispatchMessageA
SetMenuItemInfoW

gdiplus

GdipGetImageEncoders
GdipIsStyleAvailable
GdipCreateRegionRectI
GdipGetStringFormatLineAlign
GdipSetImageAttributesColorMatrix
GdipResetPenTransform
GdipDrawCurve

version

VerFindFileW
VerQueryValueW
VerInstallFileW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW
VerFindFileA
VerInstallFileA

Sections

.text
Size: 703KB - Virtual size: 703KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.st
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.st
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

946656b2bc816d25554d4eb65c7b3f5b

Headers

File Characteristics

Imports

kernel32

comctl32

ole32

comdlg32

user32

gdiplus

version

Sections

.text Size: 703KB - Virtual size: 703KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 124KB - Virtual size: 124KB

.st Size: 512B - Virtual size: 69B

.st Size: 282KB - Virtual size: 281KB

.text
Size: 703KB - Virtual size: 703KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 124KB - Virtual size: 124KB

.st
Size: 512B - Virtual size: 69B

.st
Size: 282KB - Virtual size: 281KB