cfd767f874f72a5e471927299c91f1c63932a87212c92d992f00d081cd3048ec

Sharing

Copy URL Twitter E-mail

General

Target

cfd767f874f72a5e471927299c91f1c63932a87212c92d992f00d081cd3048ec
Size

92KB
MD5

2c2bc299867df831a61099d007ee651a
SHA1

591e35b8ae68a85f8cce3bc5c707778ea0ce8c2f
SHA256

cfd767f874f72a5e471927299c91f1c63932a87212c92d992f00d081cd3048ec
SHA512

fc1a1f241d85fdbe7ac6c7b76c597f4012051e1882da7d84f97e56438a42b35d9d7b64f59b43c8bb4a964de634fab659e43b8d68a381dba7b30330f42886afb7
SSDEEP

1536:ZE83aIjiEZCmVqkVx1/WnhFuh/x/Cf/EPZyV2j4cFj+tkyfYc0:+kOEImcexIPuh/JCfchyV2kcFj+tk2D0

Score

N/A

Malware Config

Signatures

Files

cfd767f874f72a5e471927299c91f1c63932a87212c92d992f00d081cd3048ec
.exe windows x86

903433d684fba01026cf4ae3fe15ee33

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
ShellAboutW

gdiplus

GdipAddPathRectangle
GdipIsVisiblePoint
GdipGetVisibleClipBounds
GdipNewPrivateFontCollection
GdipAddPathRectangles
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromFileICM
GdipIsClipEmpty
GdipAddPathClosedCurve
GdipWidenPath
GdipAddPathCurve3
GdipAddPathClosedCurve2
GdipReversePath
GdipNewInstalledFontCollection

kernel32

GlobalReAlloc
LocalSize
FatalExit
GlobalHandle
GlobalMemoryStatusEx
VirtualAllocEx
SetupComm
GlobalDeleteAtom
WaitNamedPipeA
GetLogicalDrives
GetFileAttributesA
CopyFileA
GetCommMask
HeapReAlloc
HeapAlloc
GetModuleHandleExW
CloseHandle
LocalUnlock
GlobalFix
GetNativeSystemInfo
SetLocalTime
HeapFree
SignalObjectAndWait
VirtualFreeEx
GetOverlappedResult
GetCPInfoExW
GetProcAddress

user32

GetWindowRgnBox
GetMessageW
LockWindowUpdate
InvalidateRect
GetMessagePos
GetMessageTime
ValidateRect
RegisterHotKey
SetMessageQueue
ExcludeUpdateRgn
UnregisterHotKey
ValidateRgn
RedrawWindow
ScrollWindow

advapi32

InitiateSystemShutdownW
RegConnectRegistryA
RegNotifyChangeKeyValue
RevertToSelf
RegOpenKeyExA
OpenServiceW
GetUserNameW
OpenSCManagerW
OpenThreadToken

Exports

Exports

_CloseDrive@8
_NewDevice@8
_RefreshWindow@4

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

903433d684fba01026cf4ae3fe15ee33

Headers

DLL Characteristics

File Characteristics

Imports

shell32

gdiplus

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: - Virtual size: 160B

.pdata Size: 512B - Virtual size: 512B

.rsrc Size: 80KB - Virtual size: 80KB

.reloc Size: 512B - Virtual size: 308B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: - Virtual size: 160B

.pdata
Size: 512B - Virtual size: 512B

.rsrc
Size: 80KB - Virtual size: 80KB

.reloc
Size: 512B - Virtual size: 308B