9aed28a4c14987791ee8e4329a51633db491ae0a23b038bc7bcfdc86d34e5581

Sharing

Copy URL Twitter E-mail

General

Target

9aed28a4c14987791ee8e4329a51633db491ae0a23b038bc7bcfdc86d34e5581
Size

149KB
MD5

5d4b388fe2d8284e0f03f3fbaa4c6968
SHA1

1795b60efdc2346360004d2787fed470ce607c85
SHA256

9aed28a4c14987791ee8e4329a51633db491ae0a23b038bc7bcfdc86d34e5581
SHA512

b6f71427c2744b337cf02ea9b7498b46248e64e2b92a1987ba7fc264978994e5d0ac8b9f86da9445df9153011bfb27123f08cad0a7258cdb453b2ba1b5dd37b0
SSDEEP

3072:pDbLQKQ4b+0dyplV3C80/5TXaJSPR+Ldc2:dPKuTXi2R+

Score

N/A

Malware Config

Signatures

Files

9aed28a4c14987791ee8e4329a51633db491ae0a23b038bc7bcfdc86d34e5581
.exe windows x86

ab6b2801ba7bbd428875dea531a056c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

Sleep
VirtualProtect
GetLastError
GetStringTypeW
GetModuleHandleA
CreateDirectoryA
InterlockedCompareExchange
lstrlenA
SystemTimeToFileTime
UnhandledExceptionFilter
IsBadWritePtr
GetStartupInfoA

msvcrt

_XcptFilter
_filelengthi64
__p__commode
__getmainargs
__setusermatherr
isspace
_acmdln
log10
__set_app_type
perror
__p__fmode
puts
wcstoul
strtol
_adjust_fdiv
_initterm
exit
_except_handler3
swprintf
_controlfp
_setjmp

version

VerInstallFileW
VerInstallFileA
VerFindFileW
VerQueryValueW
GetFileVersionInfoA
VerLanguageNameA
VerQueryValueA

comctl32

ImageList_LoadImageW
CreateStatusWindowA
InitCommonControls
PropertySheetA
CreatePropertySheetPageA
ImageList_DrawEx
CreateToolbarEx
ImageList_ReplaceIcon
PropertySheetW
ImageList_Remove

oleaut32

SafeArrayPutElement
SysStringByteLen
GetActiveObject
GetErrorInfo
CreateErrorInfo
SafeArrayUnaccessData
SafeArrayGetElement

gdi32

GetROP2
CreateICA
DPtoLP
SetGraphicsMode
EnumFontFamiliesExW
SetWorldTransform
LPtoDP
DeleteObject
CreateFontIndirectA
SelectPalette
GetRegionData

user32

CharLowerA
SetWindowLongA
RemoveMenu
DeleteMenu
RegisterClipboardFormatA
WinHelpA
FindWindowA
IsChild

advapi32

RegCreateKeyExA
OpenServiceW
RegEnumKeyExA
CryptAcquireContextA
CloseServiceHandle
AddAccessAllowedAce
RegSetValueExW

ole32

DoDragDrop
CoRegisterClassObject
CreateStreamOnHGlobal
CoGetInterfaceAndReleaseStream
CoCreateGuid
OleRun
CoFreeUnusedLibraries
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoInitialize
CoRegisterMessageFilter

shell32

SHGetFolderPathA
DragQueryFile
SHCreateDirectoryExA
Shell_NotifyIconW
SHGetSettings
SHGetPathFromIDList
SHBrowseForFolderA
ExtractIconExW

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab6b2801ba7bbd428875dea531a056c5

Headers

File Characteristics

Imports

kernel32

msvcrt

version

comctl32

oleaut32

gdi32

user32

advapi32

ole32

shell32

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 113KB - Virtual size: 112KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 113KB - Virtual size: 112KB