3a21bba84a1a12a62d041cca0525935b7c2601e32a7eed878b0ea57fb3a03293

Sharing

Copy URL Twitter E-mail

General

Target

3a21bba84a1a12a62d041cca0525935b7c2601e32a7eed878b0ea57fb3a03293
Size

146KB
MD5

51354ca509689f7f14429a7f7087a815
SHA1

95de4816618f64b4f0a10968ffad0a57be5e3065
SHA256

3a21bba84a1a12a62d041cca0525935b7c2601e32a7eed878b0ea57fb3a03293
SHA512

e32522d6e43ed8456ad98e72086112e022d398d4d0881774ed2c8c108207cd8d19f3ed05e79cc25387c521cd88a40ce50b141047abece67f987121ba3f8e9aa3
SSDEEP

3072:rK0pTbGQrnT9bM6fSbTkzLEZUiz4EBmC12iDfGlhLd:rBT1MAwonbbAmJiDfGJ

Score

N/A

Malware Config

Signatures

Files

3a21bba84a1a12a62d041cca0525935b7c2601e32a7eed878b0ea57fb3a03293
.exe windows x86

67047aa6c1cf46d1d8c7363193b34740

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

swscanf
__getmainargs
toupper
__p__fmode
__set_app_type
_XcptFilter
puts
_initterm
_except_handler3
_adjust_fdiv
exit
getenv
swprintf
__p__commode
__setusermatherr
ceil
fgets
iswdigit
wcscat
_get_osfhandle
log10
_acmdln
_getcwd
_strnicmp
_controlfp

kernel32

GetDateFormatA
SetUnhandledExceptionFilter
IsBadCodePtr
SetCurrentDirectoryA
GetModuleHandleA
lstrlenA
GetStartupInfoA
VirtualProtect
GlobalHandle
GetConsoleMode
InterlockedCompareExchange

version

VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
VerInstallFileA
GetFileVersionInfoSizeW
VerFindFileW
VerQueryValueA

comctl32

ImageList_AddMasked
ImageList_Replace
ImageList_SetBkColor
ImageList_SetOverlayImage
ImageList_LoadImageA
ImageList_Add

advapi32

CheckTokenMembership
RegOpenKeyExW
CloseServiceHandle
OpenServiceA
RegCreateKeyA

gdi32

Arc
CreatePenIndirect
CreateEnhMetaFileA
GetTextExtentExPointW
RestoreDC
ScaleWindowExtEx
DeleteObject
EnumEnhMetaFile
GetBkColor
SetAbortProc

oleaut32

VariantClear
VariantInit
SysReAllocStringLen
SafeArrayPutElement
CreateErrorInfo
SysStringByteLen
GetActiveObject
LoadTypeLib
GetErrorInfo
SafeArrayCreate
SysFreeString

ole32

StgOpenStorageOnILockBytes
CoInitializeSecurity
OleSetClipboard
CoTaskMemFree
RevokeDragDrop
RegisterDragDrop
OleUninitialize
CoRegisterClassObject
CoGetMalloc
OleFlushClipboard
PropVariantClear

user32

SetForegroundWindow
SetWindowTextA
GetClassInfoA
WaitMessage
CallWindowProcA
UnregisterClassA
SetWindowPlacement

shell32

DragQueryFileW
SHGetMalloc
SHGetSpecialFolderPathW
SHGetDiskFreeSpaceExW
SHAppBarMessage
SHBrowseForFolder
SHGetPathFromIDListA

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67047aa6c1cf46d1d8c7363193b34740

Headers

File Characteristics

Imports

msvcrt

kernel32

version

comctl32

advapi32

gdi32

oleaut32

ole32

user32

shell32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 109KB - Virtual size: 108KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 109KB - Virtual size: 108KB