b848814aa25f20b1f0af88e234e8b3600f0055d50cb921dff0bef200de7ae060

Sharing

Copy URL Twitter E-mail

General

Target

b848814aa25f20b1f0af88e234e8b3600f0055d50cb921dff0bef200de7ae060
Size

112KB
MD5

14273f29ff1869496ff7189320042d62
SHA1

6be6abbb24df8d558f46b315f7c901d1fd51c9dc
SHA256

b848814aa25f20b1f0af88e234e8b3600f0055d50cb921dff0bef200de7ae060
SHA512

7f1871b95fa9a7fd8c9de9050adf4ad91a548f0fa655ae76451f5c29d6d4e8864ac83e854d5d8b0260731b95a56a2eb86f35a59489de8f0fc8d555b23abb92f6
SSDEEP

3072:ECdNetJYrdzCHFBoAYbGd7Jc8/mlOQBxRVNlSwL/G0zjsQ:ECTRrdz4FBoAYbGFv8OQ7RRnL/G0v

Score

N/A

Malware Config

Signatures

Files

b848814aa25f20b1f0af88e234e8b3600f0055d50cb921dff0bef200de7ae060
.exe windows x86

52c2a68c1b9786acb41c9f6dad56816a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__dllonexit
_initterm
_setmode
strstr
exit
_write
_exit
__getmainargs
strcmp
printf
__p__commode
calloc
_except_handler3
__p__fmode
signal
_XcptFilter
_adjust_fdiv
free
_acmdln
__setusermatherr
__set_app_type

kernel32

GetProcAddress
LoadLibraryExW
FlushFileBuffers
FileTimeToSystemTime
GetEnvironmentStrings
GetFileType
GetModuleHandleW
IsBadCodePtr
EnumCalendarInfoA
VirtualProtectEx

advapi32

CheckTokenMembership
RegEnumKeyExW
CryptGenRandom
RegQueryValueExA
CryptAcquireContextA

oleaut32

SafeArrayCreate
CreateErrorInfo
SafeArrayGetUBound
SafeArrayRedim
SysFreeString
SysStringByteLen

comctl32

ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_DrawEx
ImageList_BeginDrag
DestroyPropertySheetPage
ImageList_Remove
ImageList_AddMasked
CreatePropertySheetPageA

shell32

SHGetFileInfo
SHBrowseForFolder
SHCreateDirectoryExW
ShellExecuteA

gdi32

RestoreDC
SetTextAlign
Arc
LineDDA
Polyline
GetBrushOrgEx
CreateFontA
CombineRgn

ole32

DoDragDrop
OleInitialize
PropVariantClear

user32

GetWindowThreadProcessId
EnumWindows

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52c2a68c1b9786acb41c9f6dad56816a

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

oleaut32

comctl32

shell32

gdi32

ole32

user32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 44KB - Virtual size: 60KB

.rsrc Size: 62KB - Virtual size: 62KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 44KB - Virtual size: 60KB

.rsrc
Size: 62KB - Virtual size: 62KB