51ea1e55458249c852573df72832526125cf8d6cdd4c69b48e9e2b99c6d07b66

Sharing

Copy URL

Twitter E-mail

General

Target

51ea1e55458249c852573df72832526125cf8d6cdd4c69b48e9e2b99c6d07b66
Size

475KB
MD5

0abc97c3b92f6c15fb63a24aaa3ac217
SHA1

f1e28d8690de7be15a655134eecc6a9ab00b5dd3
SHA256

51ea1e55458249c852573df72832526125cf8d6cdd4c69b48e9e2b99c6d07b66
SHA512

d0513768ff1cb28af88bdd7001d44ace66da4a1eb3bee6f4444b3ae22a1967080c5f2da129615255b98ac8afab80a0e5e2e8b1094e888378138f0c32b0d2fad3
SSDEEP

12288:Rp//BK7QfbBe4pHJh1iznPwL19ZIadyYmf2fe4J:fI7arJH9ZdcYKD

Score

N/A

Malware Config

Signatures

Files

51ea1e55458249c852573df72832526125cf8d6cdd4c69b48e9e2b99c6d07b66
.exe windows x86

df8b1060f1590d69f050e2f9820f6adf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SystemParametersInfoW
WinHelpW
RegisterClassA
UnregisterDeviceNotification
CreateWindowStationW
GetKeyboardLayoutNameA
CallWindowProcW
BroadcastSystemMessage
PostMessageW
IsIconic
SendNotifyMessageW
OpenWindowStationW
DrawMenuBar
MsgWaitForMultipleObjectsEx
GetMessageW
ChangeDisplaySettingsExA
MessageBoxExA
FillRect
InsertMenuItemW

comdlg32

LoadAlterBitmap

kernel32

GetOEMCP
GetStringTypeW
InterlockedExchange
GetProcAddress
UnhandledExceptionFilter
GetStringTypeA
IsValidCodePage
CreateMailslotW
SetConsoleCtrlHandler
GetLocaleInfoW
GetStdHandle
GetLastError
GetTimeFormatA
VirtualQuery
SetLastError
GetDateFormatA
QueryPerformanceCounter
TerminateProcess
GetEnvironmentStrings
Sleep
HeapSize
GetLongPathNameA
GetModuleFileNameW
MultiByteToWideChar
GetCPInfo
InterlockedIncrement
TlsAlloc
GetTimeZoneInformation
GetModuleHandleA
CompareStringW
SetUnhandledExceptionFilter
GetACP
GetVersionExA
GetCurrentProcessId
InterlockedDecrement
GetCommandLineA
IsValidLocale
GetUserDefaultLCID
ExitProcess
LeaveCriticalSection
FreeEnvironmentStringsW
InitializeCriticalSection
GetEnvironmentStringsW
GetStartupInfoA
EnumResourceLanguagesA
FreeEnvironmentStringsA
TlsSetValue
SetHandleCount
IsDebuggerPresent
GetSystemTimeAsFileTime
GetFileType
TlsFree
GetProcessHeap
LCMapStringA
GetCurrentThread
RtlUnwind
VirtualFree
GetCommandLineW
LCMapStringW
EnumSystemLocalesA
HeapCreate
HeapReAlloc
LoadLibraryA
TlsGetValue
GetCurrentProcess
GetCurrentThreadId
HeapDestroy
EnterCriticalSection
WideCharToMultiByte
GetLocaleInfoA
FreeLibrary
HeapFree
GetModuleFileNameA
VirtualAlloc
CompareStringA
GetStartupInfoW
WriteFile
HeapAlloc
SetEnvironmentVariableA
GetTickCount
DeleteCriticalSection

advapi32

RegEnumKeyW
LookupAccountSidW
RevertToSelf
LookupSecurityDescriptorPartsW
RegReplaceKeyA
RegDeleteValueA
RegQueryValueExA

shell32

SHFileOperationW
SHGetMalloc
ShellExecuteExA
SHGetSpecialFolderPathA
SHGetFileInfo

gdi32

Polygon
GetNearestPaletteIndex
GetColorSpace
AddFontResourceW
Escape
PolyTextOutA
EnumICMProfilesA
CreateDIBPatternBrush
SetTextColor
GetTextFaceW
GetDCOrgEx
CreateICW
SetDIBColorTable
CreateDIBitmap
CombineRgn
SetICMMode
ResetDCA
SetPolyFillMode
GetBkMode

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df8b1060f1590d69f050e2f9820f6adf

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

advapi32

shell32

gdi32

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 9KB - Virtual size: 17KB

.data Size: 323KB - Virtual size: 322KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 9KB - Virtual size: 17KB

.data
Size: 323KB - Virtual size: 322KB

.rsrc
Size: 10KB - Virtual size: 9KB