b9469002ff10bc833863d6fe86fc1e638089ccfd2cb8f108fbd875b3b71f756a

Sharing

Copy URL Twitter E-mail

General

Target

b9469002ff10bc833863d6fe86fc1e638089ccfd2cb8f108fbd875b3b71f756a
Size

139KB
MD5

92a245ba820475b910f4dccc7330255a
SHA1

7a7fab320d357f3cfdb4570571c69531a490dbb2
SHA256

b9469002ff10bc833863d6fe86fc1e638089ccfd2cb8f108fbd875b3b71f756a
SHA512

a728529f5a7bfe981d3ddc8665bf5a18da73409042428b89f5db59948f991ffc144ecd3e624df7d78962120812e8d51132a82c703c993e57ab0ca7ca5a620756
SSDEEP

3072:+5QW15oV8m2eqMCy5cGHl2foh+djaKTWZvsl75GJK/8sum1wydp:zuto/hsqZvs1kZsP1ww

Score

N/A

Malware Config

Signatures

Files

b9469002ff10bc833863d6fe86fc1e638089ccfd2cb8f108fbd875b3b71f756a
.exe windows x86

0118a8e44471371b47ec8e3ef2431d9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentDirectoryA
GetStartupInfoA
IsBadCodePtr
GetLastError
WideCharToMultiByte
WritePrivateProfileStringA
GetSystemTime
lstrcpyA
GetModuleHandleA
VirtualProtect
IsBadReadPtr
GetStringTypeExA

msvcrt

_mbsicmp
_wfopen
exit
_fileno
_except_handler3
_wcslwr
__CxxFrameHandler
__set_app_type
__p__commode
wcsncpy
_acmdln
rand
_XcptFilter
_initterm
__p__fmode
ctime
_adjust_fdiv
__setusermatherr
__getmainargs
_itow
_controlfp
log10
_dup

version

VerQueryValueW
VerLanguageNameA
VerFindFileW
GetFileVersionInfoW
VerInstallFileW
GetFileVersionInfoA

ole32

CoSetProxyBlanket
CoTaskMemAlloc
PropVariantClear
OleUninitialize
StringFromCLSID
CoInitializeSecurity
CreateStreamOnHGlobal
OleSetMenuDescriptor

comctl32

ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_Write
CreateToolbarEx
ImageList_DragLeave
PropertySheetW
InitCommonControls
ImageList_GetBkColor
ImageList_Read
DestroyPropertySheetPage

gdi32

MoveToEx
RealizePalette
SetAbortProc
SetStretchBltMode
FrameRgn
GetClipBox
CreateDCW
RectVisible
EnumFontFamiliesExW
GetTextFaceW

shell32

DoEnvironmentSubstW
FindExecutableW
SHBindToParent
ShellExecuteExW
SHGetPathFromIDList
SHFileOperationA
SHGetFolderPathW
SHGetDiskFreeSpaceExW
ShellExecuteA

user32

GetSysColorBrush
WaitMessage
DrawIconEx
GetFocus
GetForegroundWindow
SetMenu
GetKeyState
GetKeyboardType
DestroyWindow
RemoveMenu

oleaut32

CreateErrorInfo
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SafeArrayRedim
SysReAllocStringLen

advapi32

OpenProcessToken
CryptHashData
RegEnumKeyExW
CloseServiceHandle

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0118a8e44471371b47ec8e3ef2431d9a

Headers

File Characteristics

Imports

kernel32

msvcrt

version

ole32

comctl32

gdi32

shell32

user32

oleaut32

advapi32

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 103KB - Virtual size: 102KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 103KB - Virtual size: 102KB