ef5ab6afc0ff3c6a6c68e70a38899c1756d2b95c95a11525435dff76228b0e05

Sharing

Copy URL Twitter E-mail

General

Target

ef5ab6afc0ff3c6a6c68e70a38899c1756d2b95c95a11525435dff76228b0e05
Size

440KB
MD5

a1c8d0e8af47717cc81852de6200e765
SHA1

91424e58868180ac6030f8597c7b138ac30f5612
SHA256

ef5ab6afc0ff3c6a6c68e70a38899c1756d2b95c95a11525435dff76228b0e05
SHA512

c6038653612238340736041307d4f6fc57403813e37b4ad612fafb9e701056bcb7138fad7bd67de4cbc9a27f0f2d447c9cdfdfc5abab0c15adf0d8ef40533691
SSDEEP

12288:ovoyFTagPRQBLlm1xBNaYzUtXvnKX4GEERpa1MXMD:ovoyFWgPWiDVwJvnKXZEGxX2

Score

N/A

Malware Config

Signatures

Files

ef5ab6afc0ff3c6a6c68e70a38899c1756d2b95c95a11525435dff76228b0e05
.exe windows x86

3c201d462221be7c1dbadfaeaa497005

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OemToCharBuffA
GetKeyboardType
DrawStateW
SetClipboardData
GetClipCursor
IsChild
IsMenu
BlockInput
CopyIcon
wvsprintfA
ToUnicodeEx
IsWindow
LoadKeyboardLayoutW
GetForegroundWindow
MapWindowPoints
SetCursorPos
DdeEnableCallback
RegisterTasklist
GetListBoxInfo
WindowFromDC

gdi32

GetBitmapDimensionEx
StretchBlt
PolyTextOutW
CancelDC
Escape
StartDocW
GetCharacterPlacementA
GetPixel
UpdateICMRegKeyA
GetROP2
SetLayout
GdiGetBatchLimit
SetLayout

kernel32

GetThreadTimes
GetStartupInfoW
GetCurrentProcess
GetExitCodeProcess
SetErrorMode
GlobalAddAtomA
OpenMutexA
FindNextFileA
VirtualAlloc
VirtualFree
GetComputerNameA
GetProfileIntA
GetFileTime
ExitProcess
EndUpdateResourceW
_lopen
GetModuleHandleA
FormatMessageA
ResetWriteWatch
GetPrivateProfileStructW
CreateDirectoryW
GlobalAddAtomW
GetCommandLineW
Sleep
GetTickCount

advapi32

RegOpenKeyExA
QueryServiceObjectSecurity
LockServiceDatabase
RegCreateKeyExA
RegQueryMultipleValuesA
QueryServiceStatus
EqualSid
SetSecurityDescriptorSacl

msvcrt

_ismbclower
_wstat
wcsncpy
_fgetwchar
wcsrchr
_spawnlpe
_ismbcgraph
_wcsnset
_wcmdln
_fgetchar
pow
_wspawnvp
_wunlink
_statusfp
tmpnam
div

ole32

IsValidPtrOut
DllGetClassObjectWOW
ReadClassStm
CoInitializeSecurity
HACCEL_UserSize
HBRUSH_UserFree

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0001
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0002
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0003
Size: 36KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0004
Size: 38KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0005
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0006
Size: 39KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0007
Size: 36KB - Virtual size: 12.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0008
Size: 113KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3c201d462221be7c1dbadfaeaa497005

Headers

File Characteristics

Imports

user32

gdi32

kernel32

advapi32

msvcrt

ole32

Sections

.text Size: 23KB - Virtual size: 24KB

.data Size: 38KB - Virtual size: 46KB

.0001 Size: 39KB - Virtual size: 40KB

.0002 Size: 39KB - Virtual size: 40KB

.0003 Size: 36KB - Virtual size: 43KB

.0004 Size: 38KB - Virtual size: 47KB

.0005 Size: 38KB - Virtual size: 38KB

.0006 Size: 39KB - Virtual size: 41KB

.0007 Size: 36KB - Virtual size: 12.9MB

.0008 Size: 113KB - Virtual size: 115KB

.text
Size: 23KB - Virtual size: 24KB

.data
Size: 38KB - Virtual size: 46KB

.0001
Size: 39KB - Virtual size: 40KB

.0002
Size: 39KB - Virtual size: 40KB

.0003
Size: 36KB - Virtual size: 43KB

.0004
Size: 38KB - Virtual size: 47KB

.0005
Size: 38KB - Virtual size: 38KB

.0006
Size: 39KB - Virtual size: 41KB

.0007
Size: 36KB - Virtual size: 12.9MB

.0008
Size: 113KB - Virtual size: 115KB