bdcae7ec3876e4479f5a7304288701d3b2dc2944907d9fe1153d3f70bc57ea65

Sharing

Copy URL

Twitter E-mail

General

Target

bdcae7ec3876e4479f5a7304288701d3b2dc2944907d9fe1153d3f70bc57ea65
Size

458KB
MD5

0f906adaf5eaf90246bd7ed8489f5716
SHA1

1d0a368b6bf39666e4e8589c661a565f6b2bee4f
SHA256

bdcae7ec3876e4479f5a7304288701d3b2dc2944907d9fe1153d3f70bc57ea65
SHA512

7e49498e518f9d8bb5cf5c6c553a8dbd900880fcfde42aeaf4f5720fd974e60307c25e58aae32a8ae765c9aa817335fb3a680a9a1588e4558202d9adc1e56fc2
SSDEEP

12288:LkZ1nqRdJWZr2aqe5kx5370OTQlYbDSB/rpoIz2JOrryds3pZeiuynD663HN:k5Ov/TkY/SlaO2kpvui+2

Score

N/A

Malware Config

Signatures

Files

bdcae7ec3876e4479f5a7304288701d3b2dc2944907d9fe1153d3f70bc57ea65
.exe windows x86

973ce3ae8ff458b8318d637ac4fec636

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
PrintDlgW
ChooseColorA
GetOpenFileNameA

gdi32

CreateICA
GetStretchBltMode
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
AnimatePalette
Rectangle
Arc
ExtCreateRegion
MoveToEx
CombineRgn
GetLogColorSpaceW
DeleteEnhMetaFile
UpdateICMRegKeyW
PolyTextOutA
GetNearestPaletteIndex

advapi32

LookupSecurityDescriptorPartsW
InitiateSystemShutdownA
LookupPrivilegeValueW
CryptVerifySignatureW
LookupPrivilegeDisplayNameW
RegSetValueW
CryptSetProviderExA
InitiateSystemShutdownW
GetUserNameA
RegConnectRegistryW

shell32

ShellExecuteEx
SheChangeDirA
SHGetDataFromIDListA
DragAcceptFiles
SHAddToRecentDocs
DragFinish
RealShellExecuteExW
ShellExecuteExW
RealShellExecuteW
SHGetNewLinkInfo
RealShellExecuteExA
ExtractIconEx
ShellExecuteExA
SHGetPathFromIDList
SHGetSpecialFolderPathA
SHFileOperationW
SHAppBarMessage

kernel32

VirtualQuery
ExitProcess
GetStdHandle
InterlockedExchange
GetLastError
UnlockFileEx
GetStartupInfoW
LeaveCriticalSection
GetEnvironmentStrings
GetCommandLineW
QueryPerformanceCounter
WriteFile
TlsGetValue
ReadConsoleOutputCharacterW
GetVersion
FreeEnvironmentStringsA
ContinueDebugEvent
GetCommandLineA
SetHandleCount
GetFileAttributesExW
GetTickCount
VirtualAlloc
GetProcAddress
InitializeCriticalSection
TlsAlloc
HeapFree
HeapReAlloc
GetCurrentThread
TlsFree
HeapDestroy
GetModuleHandleA
GetCurrentProcessId
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
EnterCriticalSection
GetFileType
LoadLibraryA
UnhandledExceptionFilter
SetLastError
DeleteCriticalSection
TerminateProcess
MultiByteToWideChar
GetModuleFileNameW
GetStartupInfoA
FreeEnvironmentStringsW
TlsSetValue
HeapCreate
GetEnvironmentStringsW
GetCurrentProcess
VirtualFree
GetModuleFileNameA
IsBadWritePtr
GetCurrentThreadId

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

973ce3ae8ff458b8318d637ac4fec636

Headers

File Characteristics

Imports

comdlg32

gdi32

advapi32

shell32

kernel32

Sections

.text Size: 140KB - Virtual size: 140KB

.data Size: 303KB - Virtual size: 302KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 140KB - Virtual size: 140KB

.data
Size: 303KB - Virtual size: 302KB

.rsrc
Size: 14KB - Virtual size: 13KB