79f52c979df48681513cefe58318261153a1057a375e78d03b11a8366fffe291

Sharing

Copy URL Twitter E-mail

General

Target

79f52c979df48681513cefe58318261153a1057a375e78d03b11a8366fffe291
Size

309KB
MD5

91072726c242a4ae3b30840be6a92db5
SHA1

13e69b5239dde9c0068eedc6328fb573a3a3431a
SHA256

79f52c979df48681513cefe58318261153a1057a375e78d03b11a8366fffe291
SHA512

e2c01a1674ce56f73f2f10495c6dbd50f25deacba9424459300f908b4818e3fa5cfd3ee894471ed25168ab2dceb5dbd74ec1b6c8d302907f27b16b3d75aadd9b
SSDEEP

6144:LUY++dEbCf3u8g5rf8ml6P1m2t8uVj7jQPSZGVt0fs:LUY++d2Cvu8g578Y6PU2t8T55

Score

N/A

Malware Config

Signatures

Files

79f52c979df48681513cefe58318261153a1057a375e78d03b11a8366fffe291
.exe windows x86

e4c0faf2500269ce44b01a1659133f41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupAccountSidA
CryptEnumProviderTypesA

comdlg32

PrintDlgW
FindTextW
GetSaveFileNameA
PrintDlgA
GetFileTitleW
ReplaceTextW
ChooseFontA
LoadAlterBitmap
GetOpenFileNameA
GetSaveFileNameW
PageSetupDlgA
ChooseFontW
GetFileTitleA
ReplaceTextA
ChooseColorA
ChooseColorW
FindTextA
PageSetupDlgW

shell32

SHQueryRecycleBinA
SHGetSpecialFolderPathA
DragQueryFile
ExtractIconExA
ExtractAssociatedIconExW
SheChangeDirA
SHGetDataFromIDListW
ShellExecuteW
SHGetMalloc
SheGetDirA
ExtractIconW
SHAddToRecentDocs
SHGetDiskFreeSpaceA

gdi32

CreateScalableFontResourceW
OffsetViewportOrgEx
GetCharacterPlacementA
SetPixel
CreatePatternBrush
DeleteMetaFile
BeginPath
GetWindowOrgEx
GetTextMetricsW
CreateMetaFileA

kernel32

ExitProcess
GetCPInfo
HeapReAlloc
TlsGetValue
GetDateFormatA
GetNamedPipeHandleStateA
TerminateProcess
SetUnhandledExceptionFilter
LeaveCriticalSection
InterlockedExchange
IsValidLocale
GetCommandLineA
LCMapStringA
HeapFree
GetOEMCP
UnhandledExceptionFilter
SetHandleCount
GetStringTypeA
GetTickCount
VirtualAlloc
GetStartupInfoA
FreeEnvironmentStringsA
SetConsoleCtrlHandler
WriteFile
GetCurrentProcessId
CompareStringA
lstrcpynA
DeleteCriticalSection
GetLastError
VirtualQuery
EnumSystemLocalesA
GetTimeFormatA
GetVersionExA
GetStdHandle
InterlockedDecrement
EnterCriticalSection
Sleep
HeapDestroy
GetModuleFileNameA
LoadLibraryA
GetACP
WideCharToMultiByte
LCMapStringW
GetProcAddress
SetLastError
GetCurrentThread
HeapSize
GetTimeZoneInformation
HeapCreate
HeapAlloc
GetEnvironmentStrings
GetCurrentThreadId
GetEnvironmentStringsW
VirtualFree
GetModuleHandleA
QueryPerformanceCounter
TlsFree
GetFileType
GetSystemTimeAsFileTime
TlsSetValue
GetCurrentProcess
InterlockedIncrement
SetEnvironmentVariableA
GetProcessHeap
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSection
CompareStringW
FreeEnvironmentStringsW
GetLocaleInfoW
IsDebuggerPresent
RtlUnwind
WriteConsoleOutputCharacterW
GetUserDefaultLCID
FreeLibrary
TlsAlloc
MultiByteToWideChar
IsValidCodePage

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4c0faf2500269ce44b01a1659133f41

Headers

File Characteristics

Imports

advapi32

comdlg32

shell32

gdi32

kernel32

Sections

.text Size: 154KB - Virtual size: 154KB

.data Size: 139KB - Virtual size: 138KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 154KB - Virtual size: 154KB

.data
Size: 139KB - Virtual size: 138KB

.rsrc
Size: 14KB - Virtual size: 14KB