9a7b1ef76a6e48a70b49d43ca3b440688ee8144a094c15bd0cd11df47e601f86

Sharing

Copy URL Twitter E-mail

General

Target

9a7b1ef76a6e48a70b49d43ca3b440688ee8144a094c15bd0cd11df47e601f86
Size

132KB
MD5

e2d223d0d238bd60b8c82af70f09eb23
SHA1

e9523dd229d0ed001efb3db3101519bcbe05888c
SHA256

9a7b1ef76a6e48a70b49d43ca3b440688ee8144a094c15bd0cd11df47e601f86
SHA512

0557ac26548e6cd4ad2e2522f0a21de8a138cb548137800474aca21bf75d8649b161650721117e3dc7e1c06c0d459f526d094c15dec919535e477e230a345df4
SSDEEP

3072:m16nH9gChiDWQNoemQV6/mUgTgm9Z1nhgblX5J4U2rSw7n:3H9gCsVWG8GKblX34U2rSwr

Score

N/A

Malware Config

Signatures

Files

9a7b1ef76a6e48a70b49d43ca3b440688ee8144a094c15bd0cd11df47e601f86
.exe windows x86

d4706b3422269263b766fdcbc37e2a6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

MultiByteToWideChar
InterlockedIncrement
GetWindowsDirectoryA
lstrlenA
GlobalLock
IsValidCodePage
GetDateFormatA
GetStartupInfoA
CompareFileTime
GetModuleHandleA
IsBadReadPtr
InterlockedExchange
VirtualProtect
GetTempFileNameA
GetConsoleOutputCP

msvcrt

_fdopen
_XcptFilter
_mbscmp
fgets
memcpy
_controlfp
_acmdln
_setjmp
__setusermatherr
__set_app_type
realloc
__CxxFrameHandler
__p__fmode
_initterm
atexit
_except_handler3
_fileno
_kbhit
_adjust_fdiv
exit
log10
__getmainargs
__p__commode

ole32

StringFromIID
IsEqualGUID
ProgIDFromCLSID
OleFlushClipboard
CreateBindCtx
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemRealloc
CoFreeUnusedLibraries
CoInitialize

shell32

SHBrowseForFolderA
SHGetPathFromIDListW
SHFileOperationA
SHGetPathFromIDList
SHGetFileInfoA
DoEnvironmentSubstW
ShellExecuteExW
SHGetSpecialFolderPathW
ShellExecuteEx
SHCreateDirectoryExW

advapi32

RegQueryInfoKeyW
EqualSid
RegQueryInfoKeyA
SetSecurityDescriptorDacl
AdjustTokenPrivileges
RegSetValueExA

user32

ShowCursor
ClientToScreen
TrackPopupMenu
SetClipboardData
GetMenuState
DefWindowProcA
CallWindowProcA
CharNextA
SendMessageA
GetClassInfoA
RemovePropA

oleaut32

GetActiveObject
VariantInit
SysReAllocStringLen
SysStringLen
VariantCopyInd
CreateErrorInfo
SysStringByteLen

comctl32

DestroyPropertySheetPage
InitCommonControlsEx
ImageList_DrawEx
ImageList_GetImageCount
ImageList_Destroy
ImageList_LoadImageW
PropertySheetA

version

GetFileVersionInfoA
VerFindFileW
VerQueryValueW
VerInstallFileW
GetFileVersionInfoW
VerInstallFileA
VerLanguageNameA

gdi32

SetDIBColorTable
GetPixel
GetTextMetricsW
GetTextMetricsA
DeleteDC
Pie
OffsetViewportOrgEx
GetObjectW
SetStretchBltMode
SetDIBits
GetWindowExtEx
CreateICW
CreateEnhMetaFileA

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d4706b3422269263b766fdcbc37e2a6c

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

shell32

advapi32

user32

oleaut32

comctl32

version

gdi32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 96KB - Virtual size: 164KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 96KB - Virtual size: 164KB