dad3d364a7066f4ca928fe27546d67260b44a520eb55562297c81d67e317d414

Sharing

Copy URL Twitter E-mail

General

Target

dad3d364a7066f4ca928fe27546d67260b44a520eb55562297c81d67e317d414
Size

155KB
MD5

f2a55d557c0875df39a37adc9f3731a7
SHA1

4aa51ba8ed229f093a69f764052e7470f641c3dd
SHA256

dad3d364a7066f4ca928fe27546d67260b44a520eb55562297c81d67e317d414
SHA512

e52a41110a50982afafdccd093541345d7b1f95cde15a13df0d24842aa50c162c2a022f36abb90f7e1413b8a72e085f6a9d738d4bbf0dd15a0f083299d3bb8f1
SSDEEP

3072:oRieRVbyczx3vFOVBnTQtwCnTYDQGuhAifMOtX4c3fXsdNrarbOz:U3vsVitwaTeQGrz4XP3fXwarO

Score

N/A

Malware Config

Signatures

Files

dad3d364a7066f4ca928fe27546d67260b44a520eb55562297c81d67e317d414
.exe windows x86

87fbb18cef6775a123cb5e69e4f6f817

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FlushFileBuffers
QueryPerformanceCounter
GetModuleFileNameW
WriteConsoleA
GetModuleHandleA
lstrcmpiW
FileTimeToLocalFileTime
GetStartupInfoA
ExpandEnvironmentStringsA
VirtualProtect
CompareFileTime
GetStringTypeW
OutputDebugStringA
GetEnvironmentStringsW
GetSystemDefaultLCID

msvcrt

_lock
__p__commode
exit
_wcsupr
__set_app_type
wcsncmp
log10
_acmdln
cos
_controlfp
_adjust_fdiv
__p__fmode
__p___initenv
_except_handler3
_putenv
_XcptFilter
_initterm
_strcmpi
__getmainargs
__setusermatherr
_dup2
_getch
_setjmp

version

VerInstallFileW
GetFileVersionInfoSizeW
VerLanguageNameA
VerFindFileW
GetFileVersionInfoW

oleaut32

GetActiveObject
CreateErrorInfo
VariantInit
SafeArrayGetUBound
SysFreeString
SysAllocStringLen
VariantClear
SafeArrayCreate
SafeArrayRedim

ole32

CoInitializeEx
OleSetMenuDescriptor
StringFromGUID2
PropVariantClear

user32

IsRectEmpty
SendMessageA
GetWindowLongA
SetClipboardData
GetDC
ReleaseDC
ClientToScreen

advapi32

LookupPrivilegeValueA
RegEnumKeyW
RegOpenKeyA
RegEnumValueW
RevertToSelf

shell32

SHFileOperationA
SHGetSpecialFolderPathW
DragQueryFileW
SHBrowseForFolder
SHGetFolderPathA
SHGetFileInfoA
SHCreateDirectoryExW
ShellExecuteA
ShellExecuteExW
ShellExecuteEx
SHGetPathFromIDListA
DragFinish

comctl32

ImageList_Remove
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_EndDrag
InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_Read
ImageList_Destroy
ImageList_DragEnter
InitCommonControls
CreateStatusWindowA
ImageList_Create

gdi32

GetCharacterPlacementA
PolyDraw
EndPath
GetMetaFileBitsEx
GetTextAlign
Arc
EnumFontFamiliesExW
StrokeAndFillPath
InvertRgn
CreateBrushIndirect

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87fbb18cef6775a123cb5e69e4f6f817

Headers

File Characteristics

Imports

kernel32

msvcrt

version

oleaut32

ole32

user32

advapi32

shell32

comctl32

gdi32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 117KB - Virtual size: 117KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 117KB - Virtual size: 117KB