9b5b25052716899e0e4627762966c98ac0211d76ad3ad3e02f59bb84b5f2d505

Sharing

Copy URL Twitter E-mail

General

Target

9b5b25052716899e0e4627762966c98ac0211d76ad3ad3e02f59bb84b5f2d505
Size

139KB
MD5

6a4afa8e9f8e168f54143532871e4056
SHA1

02667d5f5151705ed005178b79ff99365bd5ab37
SHA256

9b5b25052716899e0e4627762966c98ac0211d76ad3ad3e02f59bb84b5f2d505
SHA512

4bf9cd0c453482175366e9a04ec24be78f471bb33e6411a7d1c03983b5b412d55abee9696e3e941ab89ecaffaa2407ae2a8d7515843fb75fcf94821be9b14d41
SSDEEP

3072:h2ie55dmH6sz3Q6DQsnTc6rmqZ2+bWpSBiBAA2uER2zw1/5:hBev03Q2QwfWpSYAAC5

Score

N/A

Malware Config

Signatures

Files

9b5b25052716899e0e4627762966c98ac0211d76ad3ad3e02f59bb84b5f2d505
.exe windows x86

250142e79dcb680e4d8042d527373252

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__initenv
_controlfp
__setusermatherr
__p__fmode
_acmdln
_XcptFilter
log
strncat
__p__commode
_wtoi
_adjust_fdiv
_except_handler3
_snprintf
_initterm
__getmainargs
exit
__set_app_type

kernel32

GlobalAlloc
GetTempFileNameA
GetWindowsDirectoryA
GetStartupInfoA
VirtualProtect
lstrcmpiW
GetModuleHandleA
GlobalFree
IsBadReadPtr
GetModuleHandleW

user32

SetFocus
GetDCEx
InvalidateRect
DefWindowProcA
SetClassLongA
GetMenu
GetWindow
CallWindowProcA
EnableMenuItem
BeginPaint
GetSystemMenu
DispatchMessageA

comctl32

ImageList_SetDragCursorImage
ImageList_Write
ImageList_SetBkColor
ImageList_LoadImageA
ImageList_Remove
ImageList_GetIcon
InitCommonControls
ImageList_GetIconSize
ImageList_GetBkColor
ImageList_DragEnter
ImageList_Replace
ImageList_SetImageCount
CreatePropertySheetPageW
PropertySheetW
ImageList_GetImageInfo

gdi32

SelectClipPath
CopyEnhMetaFileA
SetWindowOrgEx
ExtCreateRegion
TextOutW
GetClipBox
SetBrushOrgEx
CreateRectRgn
SetViewportExtEx
GetBkColor
MaskBlt

oleaut32

GetActiveObject
VariantCopyInd
SysFreeString
SysReAllocStringLen
VariantClear
SysStringLen
SysStringByteLen

ole32

ReleaseStgMedium
OleGetClipboard
OleSetClipboard
CLSIDFromString
OleFlushClipboard
CreateItemMoniker
CoRevokeClassObject
CoRegisterClassObject
CoUninitialize
CoTaskMemRealloc
RegisterDragDrop
CoRegisterMessageFilter

advapi32

SetSecurityDescriptorDacl
LookupPrivilegeValueW
RegEnumKeyA
CryptCreateHash
GetTokenInformation
OpenThreadToken
RegEnumValueA
InitializeAcl
RevertToSelf
CheckTokenMembership
RegDeleteKeyW

version

VerInstallFileW
GetFileVersionInfoSizeA
VerFindFileW
GetFileVersionInfoW

shell32

DragAcceptFiles
ExtractIconA
SHGetSettings
SHGetMalloc
SHGetPathFromIDListW

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

250142e79dcb680e4d8042d527373252

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

comctl32

gdi32

oleaut32

ole32

advapi32

version

shell32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 103KB - Virtual size: 102KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 103KB - Virtual size: 102KB