d466cb1e4730c685caa3251a88e599f04fe79bee0208f1655ef406b25c7fa312

Sharing

Copy URL Twitter E-mail

General

Target

d466cb1e4730c685caa3251a88e599f04fe79bee0208f1655ef406b25c7fa312
Size

107KB
MD5

f6d40d02906032be5296fce65ea9e062
SHA1

958358c7a5fb8ec2ce4b2ad917b77081986728e7
SHA256

d466cb1e4730c685caa3251a88e599f04fe79bee0208f1655ef406b25c7fa312
SHA512

3f4947c52149ed7f8e192e6d403e2f93be3de1c66d4d57ca41e8664086364eaac79f7ef45aaf8751535ece77950816e09189006e21a13c8ea9e4ca35ea5197c1
SSDEEP

3072:yNEFdftQbpkcuxgrLQxPS5ZQdnrwGKZmaDNZ+2Mj3QvprrMKMMiU1m9:ZQbpkcuxgrLQxPS5CdrVKZmAn+2qQBHb

Score

N/A

Malware Config

Signatures

Files

d466cb1e4730c685caa3251a88e599f04fe79bee0208f1655ef406b25c7fa312
.exe windows x86

b7a69af2ecbdc044cc5425d5bf1f3315

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteFileA
EnumResourceNamesA
ExitProcess
GetACP
GetCommandLineA
GetFileSize
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
InterlockedIncrement
LeaveCriticalSection
ReadFile
RtlUnwind
SetCurrentDirectoryA
SetErrorMode
SetLastError
TlsGetValue
VirtualFree
WriteFile
WritePrivateProfileSectionA
lstrcatA

advapi32

RegCloseKey
RegEnumKeyA
RegLoadKeyA
RegOpenKeyExA
RegQueryValueA
LookupPrivilegeValueA

ole32

CreateBindCtx
CoUninitialize
CoInitialize
CoCreateInstance
OleInitialize
WriteClassStm
ReleaseStgMedium
ProgIDFromCLSID
OleUninitialize
GetConvertStg
CoGetClassObject

user32

SetFocus
RegisterClassA
OemToCharBuffA
MessageBoxA
LoadBitmapA
GetDC
CreateAcceleratorTableA
EnableWindow

shell32

SHGetFileInfoA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA
ShellExecuteW
SHBindToParent

shlwapi

PathFindExtensionA
PathMatchSpecA
PathUnquoteSpacesA
SHAutoComplete
StrChrA
PathCompactPathExA
PathFileExistsA

imm32

ImmGetContext
ImmGetCompositionStringW
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionWindow

msvcrt

vsprintf
free
getenv
malloc
memmove
strcmp
_errno
__dllonexit
_except_handler3

oleaut32

SysFreeString
SysStringLen
VariantClear
VariantCopyInd
SysAllocStringLen
LoadTypeLib

Exports

Exports

Hrgxwdtfme
Ijwkfpr
Kqzwrinpfz
Rcmhjdejhur
Vvqxvfilh
Wjjqkyuez
Xgfxr

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7a69af2ecbdc044cc5425d5bf1f3315

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

user32

shell32

shlwapi

imm32

msvcrt

oleaut32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 24KB

.rdata Size: 30KB - Virtual size: 32KB

.data Size: 25KB - Virtual size: 28KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 23KB - Virtual size: 24KB

.rdata
Size: 30KB - Virtual size: 32KB

.data
Size: 25KB - Virtual size: 28KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB