5673f19682b56a149fe319a37524d75d26b2b92650781b4fce895ed49d814fb9

Sharing

Copy URL

Twitter E-mail

General

Target

5673f19682b56a149fe319a37524d75d26b2b92650781b4fce895ed49d814fb9
Size

185KB
MD5

b992fd6d5f64095b910fa3e31560f978
SHA1

e238be6bb0f7fbe9cf8accf9eb0e7d90c495310a
SHA256

5673f19682b56a149fe319a37524d75d26b2b92650781b4fce895ed49d814fb9
SHA512

904caf88267da71381d5ca2cc8130d52c0bbf7652892f78157a1573d2e24b70e6673625effa346994653d5129c5a3297034f2532815bf84d639e9e51c81c2a14
SSDEEP

3072:iQV0akSSa6+YvRuE+s88F+xlmq+Bi+NcEAncv1cZl6kbjSeEEAg:46YO8kxlmqwbcXncdcjHSjW

Score

N/A

Malware Config

Signatures

Files

5673f19682b56a149fe319a37524d75d26b2b92650781b4fce895ed49d814fb9
.exe windows x86

b8619f38671dd034374fa327f51deb43

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RemovePropW
InvalidateRect
RegisterWindowMessageW
GetClassLongW
CopyAcceleratorTableW
MessageBeep
GetNextDlgGroupItem
GetNextDlgTabItem
GetPropW
CharUpperW
GetClassInfoExW
SendDlgItemMessageA
SetPropW
WinHelpW
CharNextW
InvalidateRgn
IsRectEmpty
CreateWindowExW
SetRect
DestroyMenu

gdi32

RectVisible
GetStockObject
SetWindowExtEx
SelectObject
Escape
ScaleViewportExtEx
GetMapMode
OffsetViewportOrgEx
SetViewportOrgEx
ExtTextOutW
GetTextColor
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetBkColor
GetDeviceCaps
PtVisible
TextOutW
GetRgnBox

ole32

CoInitialize
CoCreateInstance
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CoRegisterMessageFilter
CoRetireServer
OleFlushClipboard
CoTaskMemFree
CLSIDFromProgID
StgOpenStorageOnILockBytes
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CoGetClassObject
CoUninitialize
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CLSIDFromString

advapi32

RegOpenKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueExW

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathFileExistsW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

kernel32

ConvertDefaultLocale
SystemTimeToFileTime
GetCalendarInfoW
FindClose
ReadFile
MultiByteToWideChar
WideCharToMultiByte
EnumResourceLanguagesW
GetCurrentProcessId
RemoveDirectoryW
FindNextFileW
LocalFileTimeToFileTime
GetVersion
DeleteFileW
CreateFileW
EnumResourceNamesA
LoadLibraryW
WriteFile
lstrcpyW
GetSystemDefaultLangID
GetFileAttributesW
GetLocaleInfoW
GetModuleFileNameW
MoveFileW
CreateDirectoryW
ExitProcess
FindFirstFileW
SetFileTime
GetCurrentDirectoryW
InterlockedDecrement
SetFilePointer
GetProcAddress

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8619f38671dd034374fa327f51deb43

Headers

File Characteristics

Imports

user32

gdi32

ole32

advapi32

oleacc

shlwapi

shell32

kernel32

Sections

.text Size: 105KB - Virtual size: 104KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 74KB - Virtual size: 74KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 74KB - Virtual size: 74KB

.edata
Size: 1024B - Virtual size: 240KB