16e9bd501b0f3e57d113c99c20ead89d21bebb6541d901290a59c5dfa4f0e4ed

Sharing

Copy URL Twitter E-mail

General

Target

16e9bd501b0f3e57d113c99c20ead89d21bebb6541d901290a59c5dfa4f0e4ed
Size

150KB
MD5

7c627782d946670a431be1ef425fc831
SHA1

b219b2d648beea4dc23e616e5cd051d9bd5a2bfd
SHA256

16e9bd501b0f3e57d113c99c20ead89d21bebb6541d901290a59c5dfa4f0e4ed
SHA512

5ee74f32de78f5207d31a07a9e34d78ffaa2c69eb64bf664f1c9367a598f039138973b23576543731d9af648fe97e5ccbe8dc49929a4339fb38d674a6d2b7f7a
SSDEEP

3072:iNE2A9bgPbwSh7eK75MpATId1/aa8M5VjdiyQfvZJKUaaVyyK+CF+:iA+PbwSdeU5XIn5ZdirfFaTyZC

Score

N/A

Malware Config

Signatures

Files

16e9bd501b0f3e57d113c99c20ead89d21bebb6541d901290a59c5dfa4f0e4ed
.exe windows x86

0c3bc01f2fc34435e5d30865e68ebf30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathA
SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHGetDesktopFolder
SHGetFileInfoA
SHGetFolderPathA
SHGetDiskFreeSpaceA

msvcrt

clock
memmove
sqrt
rand
swprintf
tolower
wcstol
time
calloc
memcpy
srand
mbstowcs

gdi32

CreatePalette
CreateCompatibleDC
GetClipBox
CreateCompatibleBitmap
RestoreDC
SetTextColor
RestoreDC
CreatePenIndirect
SetBkColor
LineTo
GetObjectA
CreateDIBitmap
CopyEnhMetaFileA
CreateBrushIndirect
CreateDIBitmap
SaveDC
SelectObject

version

VerFindFileA
VerQueryValueA

advapi32

RegCreateKeyExA
RegEnumKeyA
RegOpenKeyA
RegCreateKeyA
RegCreateKeyExA
RegQueryValueExA
GetUserNameA
RegDeleteKeyA

user32

DrawEdge
GetFocus
GetSysColorBrush
DefWindowProcA
DefFrameProcA
CallNextHookEx
GetDC
GetMenuStringA
GetMenuState
CharLowerBuffA
CreatePopupMenu
GetSubMenu
EnableWindow
GetLastActivePopup
CharToOemA

shlwapi

SHDeleteValueA
PathFileExistsA
PathIsDirectoryA
PathGetCharTypeA
SHStrDupA

comdlg32

GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
FindTextA
GetFileTitleA
FindTextA
GetSaveFileNameA
FindTextA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

ole32

CoRegisterClassObject
StgCreateDocfileOnILockBytes
OleRun
CreateStreamOnHGlobal
CoCreateFreeThreadedMarshaler
CoGetObjectContext

kernel32

VirtualAlloc
GetCommandLineA
GetProcAddress
ExitProcess
GetACP
LoadLibraryA
RaiseException
lstrcmpA
ExitThread
FormatMessageA
ReadFile
VirtualAllocEx
LocalReAlloc
GetSystemDefaultLangID
GetCurrentThread
SizeofResource

Sections

.bss
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 4KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c3bc01f2fc34435e5d30865e68ebf30

Headers

File Characteristics

Imports

shell32

msvcrt

gdi32

version

advapi32

user32

shlwapi

comdlg32

ole32

kernel32

Sections

.bss Size: 27KB - Virtual size: 26KB

BSS Size: 116KB - Virtual size: 115KB

INIT Size: 4KB - Virtual size: 107KB

DATA Size: 1KB - Virtual size: 1KB

.bss
Size: 27KB - Virtual size: 26KB

BSS
Size: 116KB - Virtual size: 115KB

INIT
Size: 4KB - Virtual size: 107KB

DATA
Size: 1KB - Virtual size: 1KB