d47c35859e47e7fa5e9ead836cf82d2a41ad651f3a2823fffe943454df139c06

General

Target

d47c35859e47e7fa5e9ead836cf82d2a41ad651f3a2823fffe943454df139c06
Size

210KB
MD5

6cd19be1e7e33dc4fd4d430251375291
SHA1

cf3dc0966ee8349391aaacec256eb40308b98b1c
SHA256

d47c35859e47e7fa5e9ead836cf82d2a41ad651f3a2823fffe943454df139c06
SHA512

388b873ab6660d03a473090dd6a2ea5eb7738c473e23456022c89005e5cf0cdab4f40791c0ae4c83d20e5a7f5a32e2daac2dea927369cf50bc695838e74a8755
SSDEEP

6144:ZkusYLLggXcm3QLLaF8D8fJlXy6uNOVmsbM:ZkyL8g5Kz8C6kn

Score

N/A

Malware Config

Signatures

Files

d47c35859e47e7fa5e9ead836cf82d2a41ad651f3a2823fffe943454df139c06
.exe windows x86

d8cc83a2a1e8375b40dd54aedd320da9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
RegSetValueA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA

quartz

AMGetErrorTextW

winmm

timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

ole32

CoTaskMemFree
CreateStreamOnHGlobal
GetRunningObjectTable
CLSIDFromString
CoRevokeClassObject
CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize
CreateItemMoniker
StringFromCLSID
CoInitialize
CoCreateInstance
CoInitializeEx
CoRegisterClassObject
CoTaskMemAlloc

kernel32

LocalFree
CreateFiberEx
GetCurrentProcessId
SetEvent
GetSystemTimeAsFileTime
EscapeCommFunction
GetVersionExA
CreateThread
ResumeThread
EnumResourceNamesA
EnterCriticalSection
CloseHandle
FatalExit
CreateEventA
GetACP
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection

shell32

SHGetSpecialFolderPathA

user32

RegisterWindowMessageA
wvsprintfA
CopyRect
RegisterClassA
GetQueueStatus
PostThreadMessageA
MsgWaitForMultipleObjects
CreateWindowExA
GetMessageA
wsprintfA
LoadStringA
DispatchMessageA
PeekMessageA
MonitorFromWindow
DestroyWindow

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8cc83a2a1e8375b40dd54aedd320da9

Headers

File Characteristics

Imports

advapi32

quartz

winmm

ole32

kernel32

shell32

user32

Sections

.text Size: 192KB - Virtual size: 192KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

.lib Size: 512B - Virtual size: 88KB

.text
Size: 192KB - Virtual size: 192KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

.lib
Size: 512B - Virtual size: 88KB