eaef1ef629dde0e7cab92cbc5d6c9989b7591cf259b1f6b84e15268247414e84

Sharing

Copy URL Twitter E-mail

General

Target

eaef1ef629dde0e7cab92cbc5d6c9989b7591cf259b1f6b84e15268247414e84
Size

23KB
MD5

8d21c29c3170b4f445f8b40bd34e8dd8
SHA1

bd404b9ccb53b73820ddbe1aeca842d6bb6de351
SHA256

eaef1ef629dde0e7cab92cbc5d6c9989b7591cf259b1f6b84e15268247414e84
SHA512

04dd30553c663f1898b365edf2609458024bb7fec0a179ebd0c43bcae43e7c54780a4d99ee2c2db529df06f69c803f4ffb7da2d51960e79ca05062076448cac8
SSDEEP

384:yvWnk1/H3TnFjSfbJSn2K02S27oV7xbsWfXN9plAkFnC+R:2ikZjWSn2NL2ckWfN9pl9FF

Score

N/A

Malware Config

Signatures

Files

eaef1ef629dde0e7cab92cbc5d6c9989b7591cf259b1f6b84e15268247414e84
.exe windows x86

8d96099e9132479c8dd9029726591340

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_strnicmp
_onexit
wcscpy
free
_wtoi
__dllonexit
_snwprintf
swprintf
wcscmp
_adjust_fdiv
wcsncmp
wcsncpy
realloc
wcslen
_iob
_except_handler3
_ftol
malloc
_local_unwind2
_wcsicmp
_vsnwprintf
fwrite
_initterm

user32

EndDialog
DestroyWindow
MessageBoxA
KillTimer
GetWindowLongA
SendMessageW
InvalidateRect
SetFocus
GetClientRect
wsprintfA
TranslateMessage
PostQuitMessage
SendMessageA
SetWindowPos
SetTimer
DefWindowProcA
MessageBoxW
GetWindowRect
SetWindowLongA
SetWindowLongW
LoadStringA
BeginPaint
DispatchMessageA
CharNextA
GetDlgItem
ReleaseDC
GetDC
GetDesktopWindow
GetSystemMetrics
SetCursor
GetSysColor
CreateWindowExA
GetWindowLongW

kernel32

FileTimeToLocalFileTime
GetWindowsDirectoryW
RemoveDirectoryW
WriteConsoleW
AddAtomW
CloseHandle
GetLastError
GetComputerNameW
IsBadCodePtr
OutputDebugStringW
CreateFileMappingW
LoadLibraryExA
LockResource
VirtualAlloc
LoadResource
GetCurrentDirectoryW
CreateDirectoryA
CreateMutexW
GetExitCodeProcess
RaiseException
OpenProcess
GetFullPathNameW
CopyFileW
IsValidCodePage
ExpandEnvironmentStringsA
ReleaseSemaphore
CreateFileMappingA
ResumeThread
lstrcatW
CreateMutexA
GetCurrentProcess
ExitProcess
VirtualFree
SizeofResource
GetTempPathA
SetFileAttributesA
CopyFileA
FindResourceA
CreateProcessW
FindNextFileA
GetCommandLineW

oleaut32

SafeArrayGetElement
SafeArrayGetUBound
RegisterTypeLib
LoadTypeLibEx
LoadTypeLib
SetErrorInfo
OleLoadPicture
GetErrorInfo
SafeArrayAccessData
SysReAllocStringLen
SysFreeString
VariantChangeTypeEx
SysStringLen
VariantCopyInd
SafeArrayCreate
SafeArrayGetLBound
VariantClear
GetActiveObject
VariantChangeType
SysStringByteLen
CreateErrorInfo
SafeArrayUnaccessData
SysAllocStringLen
SysAllocStringByteLen
VariantInit
VariantCopy

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
VerLanguageNameA
VerFindFileW
VerQueryValueW
GetFileVersionInfoSizeW

gdi32

DeleteObject
CreateRectRgn
MoveToEx
GetSystemPaletteEntries
CreatePen
SetTextColor
UnrealizeObject
CreateDIBitmap
GetStockObject
LineTo
SelectPalette
SelectClipRgn
DeleteDC
GetObjectA
BitBlt
CreateCompatibleDC
SetBkColor
SaveDC
SelectObject
CreatePalette
RestoreDC
RealizePalette
GetDeviceCaps
GetTextExtentPointA
ExtTextOutA
GetTextMetricsA
CreateSolidBrush
CreateFontIndirectA

advapi32

RegSetValueExA
RegCreateKeyExW
CloseServiceHandle
RegDeleteValueA
RegEnumValueW
RegEnumKeyExA
OpenThreadToken
RegCreateKeyExA
RegQueryInfoKeyW
RegDeleteValueW
GetTokenInformation
RegOpenKeyExW
RegQueryValueExW
InitializeSecurityDescriptor
RegEnumKeyExW
FreeSid
RegCloseKey
AllocateAndInitializeSid
RegQueryValueExA
RegDeleteKeyA
OpenProcessToken
RegSetValueExW
RegOpenKeyExA

rpcrt4

MesInqProcEncodingId
NdrByteCountPointerFree
NDRSContextMarshall
NdrByteCountPointerBufferSize
NdrAsyncServerCall
CStdStubBuffer_CountRefs
NdrAsyncClientCall
NDRCContextBinding
NdrAllocate
MesHandleFree
MesEncodeFixedBufferHandleCreate
NdrConformantStructBufferSize
NdrByteCountPointerUnmarshall
NDRSContextMarshallEx
NDRCContextMarshall
NDRcopy
MesDecodeIncrementalHandleCreate
MesIncrementalHandleReset
DllGetClassObject
NdrClientInitialize
DceErrorInqTextW
CreateStubFromTypeInfo
MesBufferHandleReset
DllRegisterServer

shell32

DllCanUnloadNow
SHChangeNotifyDeregister
DllGetVersion
IsNetDrive
DAD_DragLeave
DllGetClassObject
Shell_MergeMenus
RestartDialog
Shell_GetImageLists
Shell_GetCachedImageIndex
SHCoCreateInstance
PifMgr_OpenProperties
DllRegisterServer
DAD_DragEnterEx
PickIconDlg
SHStartNetConnectionDialogW
DragAcceptFiles
SHILCreateFromPath
GetFileNameFromBrowse
SHGetSetSettings
DragFinish
DllInstall
DllUnregisterServer
SHDefExtractIconW
PathResolve
DriveType
IsLFNDrive
DAD_DragMove
SHChangeNotifyRegister

Sections

.textbss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 1024B - Virtual size: 969B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d96099e9132479c8dd9029726591340

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

oleaut32

version

gdi32

advapi32

rpcrt4

shell32

Sections

.textbss Size: - Virtual size: 12KB

.text Size: 5KB - Virtual size: 5KB

.idata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 56B

.rdata Size: 6KB - Virtual size: 5KB

.debug Size: 1024B - Virtual size: 969B

.rsrc Size: 2KB - Virtual size: 2KB

.textbss
Size: - Virtual size: 12KB

.text
Size: 5KB - Virtual size: 5KB

.idata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 56B

.rdata
Size: 6KB - Virtual size: 5KB

.debug
Size: 1024B - Virtual size: 969B

.rsrc
Size: 2KB - Virtual size: 2KB