79da218883c49879fee6b8556e510bf0c55d7bf0de95b3aa80a40f40a0167132

Sharing

Copy URL Twitter E-mail

General

Target

79da218883c49879fee6b8556e510bf0c55d7bf0de95b3aa80a40f40a0167132
Size

135KB
MD5

531ae5fdb02fc7642797f6ef686860d5
SHA1

b38ec12d2207cd859ec5adbd12ba8cee262ee4ee
SHA256

79da218883c49879fee6b8556e510bf0c55d7bf0de95b3aa80a40f40a0167132
SHA512

7eaf4589836e257471227d4a23920c6bbd5b6db6e006cbcde58031c5e4886e6c006587debb2fc45e083720988847ef6f7601898f32dc75b655576b0022ef1282
SSDEEP

3072:OhdEWuGU5HClhlaCoGl3xjSP760/5Obf0hH3:OhdEjGU5i+kYTfobf6H3

Score

N/A

Malware Config

Signatures

Files

79da218883c49879fee6b8556e510bf0c55d7bf0de95b3aa80a40f40a0167132
.exe windows x86

19d959f2a59c3110f236f319e67f3729

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
LockResource
FindResourceExA
HeapFree
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpA
GlobalFree
IsBadCodePtr
SetUnhandledExceptionFilter
LocalFree
GetStringTypeW
InitializeCriticalSection
LoadLibraryA
GetFileType
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
LCMapStringW
LCMapStringA
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCPInfo
GetOEMCP
TerminateProcess
GetProcAddress
VirtualFree
HeapCreate
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
ExitProcess
HeapSize
HeapReAlloc
HeapDestroy
lstrlenA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetModuleHandleA
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetProcessHeap
HeapAlloc
GetCurrentProcess
FlushInstructionCache
SetHandleCount
DeleteCriticalSection
GetACP
GetStringTypeA
InterlockedExchange

user32

DestroyWindow
CreateDialogParamA
MessageBoxA
SetForegroundWindow
GetMessageA
TranslateMessage
DispatchMessageA
UnregisterClassA
ShowWindow
SetWindowLongA
LoadImageA
GetSystemMetrics
PeekMessageA
CreateAcceleratorTableA
GetClassNameA
RedrawWindow
GetDlgItem
SetFocus
GetFocus
IsChild
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
GetDesktopWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
FillRect
SetCapture
ReleaseCapture
GetSysColor
CreateWindowExA
RegisterWindowMessageA
RegisterClassExA
GetWindowTextLengthA
GetWindowTextA
PostQuitMessage
LoadCursorA
wsprintfA
GetClassInfoExA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
MapWindowPoints
SetWindowPos
IsDialogMessageA
SendMessageA
GetClientRect
MoveWindow
SetWindowTextA
GetWindowLongA
CharNextA
DefWindowProcA
FindWindowA
IsWindow
IsIconic
OpenIcon

gdi32

GetObjectA
GetDeviceCaps
BitBlt
GetStockObject
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
CreateCompatibleDC
CreateSolidBrush

advapi32

RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA

ole32

CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
VariantClear
VariantInit
SysStringLen
SysAllocString
SysAllocStringLen
VarUI4FromStr
SysFreeString
DispCallFunc

comctl32

InitCommonControlsEx

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 794B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

19d959f2a59c3110f236f319e67f3729

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 794B

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 794B