56dea3c508b751ef396399b4b9975ed3e90483dbeaa37b5dc246a987b2a56025

Sharing

Copy URL Twitter E-mail

General

Target

56dea3c508b751ef396399b4b9975ed3e90483dbeaa37b5dc246a987b2a56025
Size

157KB
MD5

64416a24761931b57014430d3eea7428
SHA1

f964de886d87854078e318eb28da69e3a5cf8dd0
SHA256

56dea3c508b751ef396399b4b9975ed3e90483dbeaa37b5dc246a987b2a56025
SHA512

c0a1efe8a35dd4c5896adb64bde876dcf9947ce8f522cde93e2bbd6598bd032ceaefc7912352a3bbee75a3e42585908bba9eaa35e62152e0094ab3e7484f6a47
SSDEEP

3072:AUF8O/rUUm0OLyzMjGEv2TtFBAh/IQXgPY4IpoMlh:ZF8O/rUUm0hzMj1vkFB8/IQXED8

Score

N/A

Malware Config

Signatures

Files

56dea3c508b751ef396399b4b9975ed3e90483dbeaa37b5dc246a987b2a56025
.exe windows x86

f954429dc06f20a5a951bcc0d2c07a71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
GetCurrentProcess
GetUserDefaultLCID
LocalAlloc
GetEnvironmentStrings
GetACP
VirtualAllocEx
WaitForSingleObject
lstrcpynA
WideCharToMultiByte
ExitProcess
VirtualFree
GetCurrentThreadId
LoadLibraryExA
GetProcessHeap
CompareStringA
HeapAlloc

gdi32

GetClipBox
RestoreDC
CreateBitmap
CreateCompatibleDC

ole32

StgOpenStorage
MkParseDisplayName
CoGetMalloc
OleCreateStaticFromData

user32

EqualRect
EnumChildWindows
MessageBoxA
ShowWindow
GetWindow
GetDlgItem
IsMenu
GetMenuState
IsWindowVisible
GetMessagePos
DispatchMessageA
CreatePopupMenu
SetWindowPos
GetSysColorBrush
GetPropA
GetClipboardData
FrameRect

msvcrt

wcsncmp
memmove
srand
wcstol
clock
swprintf
calloc
time
atol
sqrt
tolower
malloc

advapi32

RegEnumKeyA

shlwapi

PathGetCharTypeA
SHGetValueA
PathFileExistsA
SHQueryValueExA
PathIsContentTypeA
SHEnumValueA
SHQueryInfoKeyA
SHDeleteKeyA
SHDeleteValueA
SHStrDupA

comdlg32

GetSaveFileNameA
FindTextA
GetFileTitleA
ChooseColorA

Sections

DATA
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 415B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f954429dc06f20a5a951bcc0d2c07a71

Headers

File Characteristics

Imports

kernel32

gdi32

ole32

user32

msvcrt

advapi32

shlwapi

comdlg32

Sections

DATA Size: 16KB - Virtual size: 16KB

.rdata Size: 132KB - Virtual size: 132KB

.idata Size: 4KB - Virtual size: 3KB

INIT Size: 2KB - Virtual size: 73KB

.tls Size: 512B - Virtual size: 415B

DATA
Size: 16KB - Virtual size: 16KB

.rdata
Size: 132KB - Virtual size: 132KB

.idata
Size: 4KB - Virtual size: 3KB

INIT
Size: 2KB - Virtual size: 73KB

.tls
Size: 512B - Virtual size: 415B