77f5a535fb79df81b80db52a50845457f0b6112444c5650b9338e0295354814f

Sharing

Copy URL Twitter E-mail

General

Target

77f5a535fb79df81b80db52a50845457f0b6112444c5650b9338e0295354814f
Size

487KB
MD5

3964117258e601f6c6fa2140b82fa848
SHA1

797e406c32b97e1a96c2e19207e66b364e82d25f
SHA256

77f5a535fb79df81b80db52a50845457f0b6112444c5650b9338e0295354814f
SHA512

0a8d334272737b14e4252c397b7b897e7066658ec8424bc18ca75bec0cf4b07cf9c18dfdc7ca4acf864be4744c603fe5ab98c3070dc28b8d838522eb68ff8a76
SSDEEP

12288:6FAPXIvS6XmPYH6FKADQ0sp1wtsKDoHtsBiFQLE:F42PzxDY1wtnk/QI

Score

N/A

Malware Config

Signatures

Files

77f5a535fb79df81b80db52a50845457f0b6112444c5650b9338e0295354814f
.exe windows x86

3364e74311dd8dacb618368ff84138e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyIcon
SetUserObjectInformationW
TranslateMDISysAccel
CharToOemBuffW
EmptyClipboard
GetNextDlgTabItem
ChildWindowFromPointEx
DrawCaption
DestroyCursor
DeleteMenu
DragDetect
CascadeChildWindows
RegisterClassExA
ShowCursor

advapi32

RegCloseKey
CryptAcquireContextW
CryptContextAddRef
AbortSystemShutdownW
LookupAccountSidA
RegQueryMultipleValuesW
LookupPrivilegeValueW
RegEnumValueW
RegQueryInfoKeyA
CryptVerifySignatureA
RevertToSelf
RegQueryValueA
LookupAccountSidW
RegCreateKeyW
RegLoadKeyW
RegOpenKeyExW
RegLoadKeyA
CryptHashData
DuplicateTokenEx
CryptGetUserKey
CryptSetHashParam

comdlg32

ChooseFontW
ChooseColorA
ChooseColorW
GetOpenFileNameW
FindTextW
GetOpenFileNameA

gdi32

GetEnhMetaFileDescriptionW
CombineTransform
ExtCreateRegion
GetPolyFillMode
GdiSetBatchLimit
SetTextCharacterExtra
GetMetaFileW
InvertRgn
ExtEscape
GetMetaRgn
GetCharWidthA

kernel32

CompareStringW
QueryPerformanceCounter
GetUserDefaultLCID
TlsGetValue
GetPrivateProfileSectionA
VirtualFree
HeapDestroy
TlsAlloc
LoadLibraryA
GetTickCount
InterlockedExchange
RtlUnwind
EnumSystemLocalesA
EnterCriticalSection
FlushInstructionCache
SetLastError
GetFileType
GetLocaleInfoW
SetEnvironmentVariableA
GetCurrentProcess
WideCharToMultiByte
GetCurrentProcessId
GetDiskFreeSpaceW
GetCurrentThread
TlsSetValue
TlsFree
FreeEnvironmentStringsW
GetTimeZoneInformation
GetEnvironmentStrings
SetConsoleCtrlHandler
GetDateFormatA
GetACP
SetUnhandledExceptionFilter
VirtualAlloc
FreeEnvironmentStringsA
CloseHandle
GetCurrentThreadId
GetCPInfo
HeapFree
HeapSize
IsValidCodePage
HeapReAlloc
GetLastError
TerminateProcess
InterlockedDecrement
GetEnvironmentStringsW
InterlockedCompareExchange
FreeLibrary
InterlockedIncrement
GetOEMCP
GetTimeFormatA
GetModuleHandleW
GetStringTypeW
IsDebuggerPresent
lstrlen
GetModuleHandleA
LoadLibraryExA
InitializeCriticalSectionAndSpinCount
lstrcmpW
CompareStringA
VirtualQuery
CreateFileA
HeapCreate
LeaveCriticalSection
ExitProcess
DeleteCriticalSection
GetLocaleInfoA
lstrcpyn
SetHandleCount
GetTempPathA
UnlockFileEx
MultiByteToWideChar
HeapAlloc
LCMapStringA
GetSystemTimeAsFileTime
GetModuleFileNameA
GetNamedPipeHandleStateA
GetStdHandle
UnhandledExceptionFilter
Sleep
GetProcAddress
IsValidLocale
GetCommandLineA
WriteFile
LCMapStringW
GetStringTypeA
GetStartupInfoA

Sections

.text
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3364e74311dd8dacb618368ff84138e6

Headers

File Characteristics

Imports

user32

advapi32

comdlg32

gdi32

kernel32

Sections

.text Size: 204KB - Virtual size: 204KB

.data Size: 277KB - Virtual size: 277KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 204KB - Virtual size: 204KB

.data
Size: 277KB - Virtual size: 277KB

.rsrc
Size: 4KB - Virtual size: 4KB