eaf3a536c2ebe6c8e4741cbf23db9abc205ee0192473c39ae69bdcac8d79b4df

Sharing

Copy URL Twitter E-mail

General

Target

eaf3a536c2ebe6c8e4741cbf23db9abc205ee0192473c39ae69bdcac8d79b4df
Size

128KB
MD5

9f2ff134bcc8bec2a9bd03914df19b22
SHA1

7aed6d99ec08e4627f6020745eff916da29ca40c
SHA256

eaf3a536c2ebe6c8e4741cbf23db9abc205ee0192473c39ae69bdcac8d79b4df
SHA512

55d61211c87a63bdfbeee7fdfaaba162eedd4ee6dfaf2f6f40509e7ba3eb3538e9002cfc9188921790f12a370bf58dc3c2a4d3e96b84f0d3501898c6cb32ee89
SSDEEP

3072:FhMn1ksSRNiKIViOP1wi8Nj+QPAAaKjtYX3J3aSKnVNJg:FUesw0K616rNj8A1jyX5KSKnVX

Score

N/A

Malware Config

Signatures

Files

eaf3a536c2ebe6c8e4741cbf23db9abc205ee0192473c39ae69bdcac8d79b4df
.exe windows x86

c79940d4e681a8722c3503aeb0086fc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CreateProcessW
ReleaseMutex
SizeofResource
LoadLibraryW
lstrlenW
FindVolumeClose
GetModuleFileNameW
CompareStringA
LoadResource
lstrcmpW
CreateMutexW
GlobalAlloc
InterlockedExchange
GetUserDefaultUILanguage
LockResource
CloseHandle
SetCurrentDirectoryW
EnumResourceLanguagesA
FreeLibrary
GetPrivateProfileStringW
GlobalLock
GetModuleHandleW
TerminateProcess
ExitProcess
ExpandEnvironmentStringsW
FindResourceW
GetLastError
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
GetLocaleInfoW

user32

SetWindowPos
GetWindow
GetMenuState
GetParent
IsWindowEnabled
DestroyWindow
ValidateRect
GetFocus
GetCursorPos
EndDialog
DrawIcon
EnableMenuItem
EnableWindow
InvalidateRgn
PeekMessageW
CreateDialogIndirectParamW
UpdateWindow
GetClientRect
GetActiveWindow
IsWindowVisible
GetNextDlgGroupItem
CheckMenuItem
MessageBeep
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
IsWindow
IsIconic
GetSystemMetrics
LoadBitmapW
GetKeyState
DispatchMessageW
GetSysColorBrush
SetMenu
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetDesktopWindow
GetWindowLongW
SetTimer
PostQuitMessage
CreateWindowExW
MapDialogRect
PostMessageW
ModifyMenuW
SetWindowContextHelpId
TranslateMessage

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

comctl32

InitCommonControlsEx

comdlg32

GetFileTitleW

shlwapi

PathStripToRootW
PathFindExtensionW
PathIsUNCW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

OleFlushClipboard
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
CoTaskMemFree
CoFreeUnusedLibraries
CoGetClassObject
CLSIDFromString
StgOpenStorageOnILockBytes
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CLSIDFromProgID
OleIsCurrentClipboard
OleUninitialize
OleInitialize
CoRevokeClassObject

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c79940d4e681a8722c3503aeb0086fc9

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

comctl32

comdlg32

shlwapi

oledlg

ole32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 1024B - Virtual size: 208KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 1024B - Virtual size: 208KB