b8ea138645beff256bfa1b29ebb02c54a64739d3c4f4a81edbff1f5d076508e2

Sharing

Copy URL Twitter E-mail

General

Target

b8ea138645beff256bfa1b29ebb02c54a64739d3c4f4a81edbff1f5d076508e2
Size

138KB
MD5

6d2b12ac8c0dbb04227b5dee02006562
SHA1

47f58aa9c22ed761904d310b262c980e40116997
SHA256

b8ea138645beff256bfa1b29ebb02c54a64739d3c4f4a81edbff1f5d076508e2
SHA512

5ae46683e2f1d49b9b5d5fdadf3f6dadef1c220141d2c9e852a0b3dc5e1dcc4dadfd0b9537392a516aa54a30ae156eaa852506561f550ef52b333349a3839c4d
SSDEEP

3072:2EBtV+PSQWXFK+TvknjCYul2MugHrzmkGsO4kmydgDWAHBr:pS4bkjju9uhkGHRd

Score

N/A

Malware Config

Signatures

Files

b8ea138645beff256bfa1b29ebb02c54a64739d3c4f4a81edbff1f5d076508e2
.exe windows x86

907217b83d826f1e157fdd4dd9125f1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
VirtualProtect
GetEnvironmentStringsW
OutputDebugStringA
CompareStringA
CreateFileMappingA
GetSystemDefaultLCID
CreateProcessW
EnumCalendarInfoA
GetStringTypeW
GetExitCodeProcess
lstrcmpA
VirtualQuery
GetModuleHandleA

msvcrt

_XcptFilter
_adjust_fdiv
_lseeki64
_strdup
exit
ceil
__getmainargs
printf
_wcsicmp
_itoa
_pipe
_c_exit
__setusermatherr
log10
_initterm
__p__commode
_except_handler3
wcsncmp
__p__fmode
__set_app_type
longjmp
rewind
_acmdln
_controlfp

advapi32

RegQueryValueExA
RegSetValueExW
QueryServiceStatus
RegOpenKeyExW
FreeSid
CryptCreateHash
RegEnumKeyA
InitializeAcl
RegOpenKeyA
RegCreateKeyExW

oleaut32

SafeArrayRedim
LoadTypeLib
SetErrorInfo
SysReAllocStringLen
SafeArrayGetUBound

ole32

OleInitialize
OleIsCurrentClipboard
CoSetProxyBlanket
CLSIDFromProgID
CoLoadLibrary
OleSetMenuDescriptor

comctl32

CreateToolbarEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_Replace
ImageList_Add
ImageList_LoadImageW
DestroyPropertySheetPage
ImageList_SetDragCursorImage
ImageList_GetImageCount

user32

GetMenuState
DrawEdge
ReleaseCapture
CreateWindowExA
GetClientRect
WinHelpA
SetFocus
DefWindowProcA
IsWindow
UnhookWindowsHookEx

version

GetFileVersionInfoA
VerQueryValueW
VerInstallFileA
GetFileVersionInfoSizeW
VerInstallFileW
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoW

shell32

SHAddToRecentDocs
SHChangeNotify
SHGetSpecialFolderPathA
CommandLineToArgvW
SHGetSpecialFolderPathW
SHBrowseForFolder
FindExecutableW
DragQueryFile

gdi32

SetViewportOrgEx
EndPage
ExtCreatePen
SetColorAdjustment
EndDoc
PlayMetaFileRecord
IntersectClipRect
GetMapMode
UnrealizeObject
CreateBrushIndirect

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

907217b83d826f1e157fdd4dd9125f1f

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

oleaut32

ole32

comctl32

user32

version

shell32

gdi32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 18KB - Virtual size: 40KB

.rsrc Size: 100KB - Virtual size: 99KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 18KB - Virtual size: 40KB

.rsrc
Size: 100KB - Virtual size: 99KB