79e2fb598f570bc49f5db2355c829dd5d74d7e44ec1b020220b05e5114e44cae

Sharing

Copy URL Twitter E-mail

General

Target

79e2fb598f570bc49f5db2355c829dd5d74d7e44ec1b020220b05e5114e44cae
Size

246KB
MD5

b12129637fa5c817f204b3007adcc8c8
SHA1

b2b73f01387cf9d7469a4587608b34a4168c650a
SHA256

79e2fb598f570bc49f5db2355c829dd5d74d7e44ec1b020220b05e5114e44cae
SHA512

eb35cd262ed65c9c743b97aa5a7480e57ffdaee40276740da8c504af6a5b145bbd3412e478b3ae4c227cbbdb77a3b37b819d2d853cd6726e237ec71a727ee96b
SSDEEP

6144:k/XtsE0D/W2UOQPlvlQy+OTIu4yyxMNLRQZLp0es9uJsV+:4XtZ0D/W/1lnTIu4RsNS+eRm

Score

N/A

Malware Config

Signatures

Files

79e2fb598f570bc49f5db2355c829dd5d74d7e44ec1b020220b05e5114e44cae
.exe windows x86

4e1383e16e4ea5993c9a68cadbd473c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowPos

comdlg32

GetOpenFileNameW
ChooseFontW

shell32

SHInvokePrinterCommandW
FreeIconList
SHEmptyRecycleBinA
SHGetNewLinkInfo
SHAppBarMessage
ExtractIconExW
ShellAboutW
CheckEscapesW
SHGetDiskFreeSpaceA
SHFileOperationA
ExtractIconExA
SHGetPathFromIDListW
ShellExecuteA
SHGetPathFromIDListA
ExtractIconEx
ShellExecuteExW
SHLoadInProc
DragQueryFile
SHGetFileInfo
ExtractAssociatedIconExW
CommandLineToArgvW
ExtractAssociatedIconW

advapi32

RegRestoreKeyW
LookupPrivilegeDisplayNameA
CryptContextAddRef
RegQueryValueA
CryptReleaseContext
AbortSystemShutdownA

kernel32

GetUserDefaultLCID
LocalLock
GetTimeZoneInformation
GetStartupInfoA
HeapSize
GetCurrentThread
GetVolumeInformationW
InterlockedExchange
TlsAlloc
HeapReAlloc
LCMapStringW
GetCurrentThreadId
TlsGetValue
SetHandleCount
VirtualQuery
GetACP
VirtualAlloc
WriteFile
GetConsoleMode
GetTimeFormatA
MultiByteToWideChar
ExitProcess
GetCurrentProcess
LCMapStringA
HeapCreate
HeapAlloc
GetVersionExA
DeleteCriticalSection
ReadConsoleOutputCharacterA
GetCommandLineW
GetFileType
RtlFillMemory
GetStartupInfoW
GetSystemInfo
GetModuleFileNameA
IsDebuggerPresent
UnhandledExceptionFilter
GetCPInfo
IsBadWritePtr
CompareStringA
ReadConsoleOutputCharacterW
FindResourceExW
LoadLibraryA
EnterCriticalSection
VirtualProtect
VirtualFree
GetModuleHandleA
FreeEnvironmentStringsA
TransmitCommChar
IsValidLocale
GetProcAddress
GetTempFileNameW
TlsSetValue
GetStringTypeW
FreeEnvironmentStringsW
TerminateProcess
CompareStringW
GetEnvironmentStringsW
GetStdHandle
HeapDestroy
HeapFree
GetLastError
FindResourceA
IsValidCodePage
GetTickCount
GetDateFormatA
WideCharToMultiByte
RtlUnwind
InitializeCriticalSection
GetLocaleInfoA
SetLastError
GetCommandLineA
EnumSystemLocalesA
GetStringTypeA
LeaveCriticalSection
GetSystemTimeAdjustment
GetModuleFileNameW
GetCurrentProcessId
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetEnvironmentStrings
GetLocaleInfoW
QueryPerformanceCounter
GetOEMCP
CreateFileW
TlsFree

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e1383e16e4ea5993c9a68cadbd473c6

Headers

File Characteristics

Imports

user32

comdlg32

shell32

advapi32

kernel32

Sections

.text Size: 122KB - Virtual size: 122KB

.data Size: 111KB - Virtual size: 124KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 122KB - Virtual size: 122KB

.data
Size: 111KB - Virtual size: 124KB

.rsrc
Size: 11KB - Virtual size: 11KB