b9dbfb0483870d0728d2f86abceb3c62ce9747382b2aa4fa56ff2a8a9819e115

Sharing

Copy URL Twitter E-mail

General

Target

b9dbfb0483870d0728d2f86abceb3c62ce9747382b2aa4fa56ff2a8a9819e115
Size

142KB
MD5

79f819771c5590e0b0498b60b7806ca6
SHA1

afce53a45304cdfddc68238eb9e7e3ef7fa27778
SHA256

b9dbfb0483870d0728d2f86abceb3c62ce9747382b2aa4fa56ff2a8a9819e115
SHA512

5e59d408c258cda0f0559dc0d9ad68862d7a67df0133a680a6c70f82f771d18817d8550c19ba28bf593037fa78f2b00bddcdda435656613adf09b126d1ed66ff
SSDEEP

3072:mgwN9ZrubHDJCUlFBeM245ptYp/hHNoAGk1CLuajCbhj:CWFnlBTXKppHlGk1CLum

Score

N/A

Malware Config

Signatures

Files

b9dbfb0483870d0728d2f86abceb3c62ce9747382b2aa4fa56ff2a8a9819e115
.exe windows x86

553b8dddb3a4fbd8e0cf2b6968e1cc0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__getmainargs
_strlwr
exit
__p__commode
atexit
_adjust_fdiv
_controlfp
_strnicmp
__CxxFrameHandler
memchr
_XcptFilter
__p__fmode
__set_app_type
__setusermatherr
_initterm
_acmdln
log10
wcschr
_except_handler3

kernel32

GetVersion
IsBadWritePtr
GetModuleHandleA
SetFilePointer
InterlockedExchange
RtlUnwind
FileTimeToLocalFileTime
InterlockedDecrement
GetStartupInfoA
VirtualProtect

user32

SetWindowPlacement
PostQuitMessage
DispatchMessageA
DrawIconEx
TranslateMessage
DeleteMenu
GetMessagePos
GetKeyboardType
LoadCursorA
EndPaint
GetDCEx
FillRect
AdjustWindowRectEx

gdi32

InvertRgn
GetTextExtentPoint32A
GetCharWidthA
Pie
GetBrushOrgEx
GetWindowOrgEx
GetROP2
CreateBrushIndirect
StretchBlt
Escape
RestoreDC
PlayMetaFile
RectInRegion
CreateFontA
GetTextFaceW

shell32

SHGetSettings
ExtractAssociatedIconW
SHGetPathFromIDList
SHGetPathFromIDListA
ShellExecuteW
ExtractIconA
SHFileOperationA
SHGetFolderLocation

advapi32

OpenSCManagerW
SetSecurityDescriptorOwner
CopySid
RegQueryValueA
AllocateAndInitializeSid

version

VerInstallFileA
VerQueryValueA
VerQueryValueW
VerInstallFileW
VerFindFileW

oleaut32

SysFreeString
SysStringLen
SafeArrayPtrOfIndex
GetErrorInfo
GetActiveObject
VariantInit
SysAllocStringByteLen
SafeArrayGetElement
SafeArrayUnaccessData
VariantClear
SysAllocStringLen

ole32

OleInitialize
CoLoadLibrary
CoTaskMemFree
ProgIDFromCLSID
CoRegisterClassObject
CoCreateGuid
PropVariantClear
OleIsCurrentClipboard
OleUninitialize
OleSetMenuDescriptor

comctl32

ImageList_Create
ImageList_Draw
InitializeFlatSB
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_GetImageCount
ImageList_Remove

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

553b8dddb3a4fbd8e0cf2b6968e1cc0e

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

shell32

advapi32

version

oleaut32

ole32

comctl32

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 18KB - Virtual size: 42KB

.rsrc Size: 105KB - Virtual size: 108KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 18KB - Virtual size: 42KB

.rsrc
Size: 105KB - Virtual size: 108KB