ef5a2cac237d4f358b5876199927e1f42972b5396b3002fd309724548a0f0ee8

General

Target

ef5a2cac237d4f358b5876199927e1f42972b5396b3002fd309724548a0f0ee8
Size

120KB
MD5

3375325d1306e174e936d58a779e5e50
SHA1

5731566ff6811d91da029c76abcfa644e08496a6
SHA256

ef5a2cac237d4f358b5876199927e1f42972b5396b3002fd309724548a0f0ee8
SHA512

521ae5fa60eeccd5c2160c92ac11a9836a3a342f3608f82e7553863795bbc52f64af900f76b355a0eecafb3995412698bccbad9090f8dd7625a2d0d5648b5b12
SSDEEP

3072:NoaVV7NlAFBlR5mtcEyqMmM/kZ40LVPKlJMBkukatg01xnip:J7s5Rktl49/q4yVPKlJxab1+

Score

N/A

Malware Config

Signatures

Files

ef5a2cac237d4f358b5876199927e1f42972b5396b3002fd309724548a0f0ee8
.exe windows x86

aad0e8a4017150535c857b08c1d52c47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate
DirectDrawEnumerateA
DirectDrawCreateEx

shell32

ShellExecuteExW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumValueW
RegEnumValueA
RegCloseKey
RegCreateKeyExW

ole32

GetRunningObjectTable
CoCreateInstance
CoInitialize
CoUninitialize
CreateClassMoniker

shlwapi

PathFindExtensionW
PathAddBackslashW
PathCombineW
PathRemoveFileSpecW
PathAppendW

kernel32

VirtualQuery
VirtualProtect
SetConsoleMode
IsBadWritePtr
SetUnhandledExceptionFilter
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetProcessVersion
HeapFree
ExitProcess
UnhandledExceptionFilter
GetModuleHandleA
GetStdHandle
HeapAlloc
VirtualFree
GetModuleFileNameA
HeapCreate
HeapDestroy
RtlUnwind
HeapReAlloc
VirtualAlloc
FreeEnvironmentStringsA

user32

EndDialog
CreateWindowExW
GetWindowRect
GetSystemMetrics
PostQuitMessage
wsprintfW
DispatchMessageW
IsDlgButtonChecked
SetWindowPos
DefWindowProcW
RegisterClassExW
TranslateMessage

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aad0e8a4017150535c857b08c1d52c47

Headers

File Characteristics

Imports

ddraw

shell32

advapi32

ole32

shlwapi

kernel32

user32

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 46KB - Virtual size: 46KB

.rsrc Size: 1024B - Virtual size: 104KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 46KB - Virtual size: 46KB

.rsrc
Size: 1024B - Virtual size: 104KB