16a94b5fb4f3a3d0c6c94208b40c5b1eb79a027a2e61199290571b7c69e92836

Sharing

Copy URL Twitter E-mail

General

Target

16a94b5fb4f3a3d0c6c94208b40c5b1eb79a027a2e61199290571b7c69e92836
Size

104KB
MD5

bee17bbcf335b05872ce2d49cd3ae295
SHA1

14a2bb04b30185088abb3f3669c6605aa98a6feb
SHA256

16a94b5fb4f3a3d0c6c94208b40c5b1eb79a027a2e61199290571b7c69e92836
SHA512

73e2a8342400dc39e81f0fa2a8a3de0a67377ae0603f4a0503efaf04425d89394edf58df58bc87aa7a74745ae8f28bba362cba35da449dbeaf09001534cf2eac
SSDEEP

3072:sN5Kiy8YE/NVwqUJdGx+9gjNxC/MXUxTzzx:wty8YEna7GxGcc/MXUxTB

Score

N/A

Malware Config

Signatures

Files

16a94b5fb4f3a3d0c6c94208b40c5b1eb79a027a2e61199290571b7c69e92836
.exe windows x86

cef7fbe7c57ece4d0cf48b307ec8707f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_acmdln
exit
__getmainargs
__p__commode
strcmp
_XcptFilter
_initterm
__set_app_type
calloc
_vsnprintf
__p__fmode
_strnicmp
__setusermatherr
_write
_exit
sprintf
printf
free
_adjust_fdiv

kernel32

GetProcAddress
GetFileAttributesA
VirtualProtectEx
IsBadReadPtr
LoadLibraryExW
GetModuleHandleW
LocalFileTimeToFileTime

oleaut32

SysFreeString
SafeArrayPtrOfIndex
SysStringByteLen
SafeArrayGetUBound

shell32

DragQueryFileA
SHGetSpecialFolderLocation
ExtractAssociatedIconW
ShellExecuteW
SHGetPathFromIDListA

comctl32

ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_Draw
InitializeFlatSB
ImageList_SetOverlayImage
ImageList_GetIconSize

ole32

CoRegisterClassObject
OleUninitialize

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
CryptAcquireContextA
QueryServiceStatus
EqualSid
GetTokenInformation
OpenServiceA
RegSetValueExA

user32

GetMenuItemID
GetPropA
GetSystemMetrics
SetTimer
CreateMenu
UnhookWindowsHookEx
SendMessageA
DestroyWindow

gdi32

SetMapMode
OffsetRgn
CreateDIBSection
StartDocA
CreatePenIndirect
ExtCreateRegion

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cef7fbe7c57ece4d0cf48b307ec8707f

Headers

File Characteristics

Imports

msvcrt

kernel32

oleaut32

shell32

comctl32

ole32

advapi32

user32

gdi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 40KB - Virtual size: 61KB

.rsrc Size: 58KB - Virtual size: 57KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 40KB - Virtual size: 61KB

.rsrc
Size: 58KB - Virtual size: 57KB