cfd992c7d4b95fd723e73df8260fd8c66838d3e48ff07ac5d037c20b3ee45a3f

Sharing

Copy URL Twitter E-mail

General

Target

cfd992c7d4b95fd723e73df8260fd8c66838d3e48ff07ac5d037c20b3ee45a3f
Size

188KB
MD5

e321b748065187ee0b92690c2c1162ee
SHA1

aaec79ef440008cea71df62ca04370511c1656f5
SHA256

cfd992c7d4b95fd723e73df8260fd8c66838d3e48ff07ac5d037c20b3ee45a3f
SHA512

fd15b5b9d13ccec9e743661b92f1b9f86617e8bb08e0a2a8e40905d550c5082f8f8f289c3ae670d3508f758f8b29c322b8eeb4d93a47cf7af40b8306e768e6f8
SSDEEP

3072:0RTeM5Vze5sL/gl4JChGeB0/ZAUv1XXn76KvSL/GZu3IuWTtwb8S26dGjlCu:ExLzzL/fe30qUvhr6/GYSWQYGJ

Score

N/A

Malware Config

Signatures

Files

cfd992c7d4b95fd723e73df8260fd8c66838d3e48ff07ac5d037c20b3ee45a3f
.exe windows x86

e1afe9390e9cbae6ea0b0e156db5874b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetCommandLineW
FormatMessageW
VirtualAlloc
GetModuleFileNameA
SetEvent
VirtualFree
SetEvent
VirtualAlloc
FormatMessageW
FormatMessageW
FreeLibrary
GetModuleHandleW
GetModuleFileNameA
GetModuleHandleA
GetCurrentProcessId
GetCurrentProcess
LocalAlloc
VirtualFree
GetProcessHeap
GetModuleFileNameA
MultiByteToWideChar
FormatMessageW
VirtualAlloc
lstrcmpiW
SetEvent
GetTickCount
QueryPerformanceCounter
GetProcessHeap
GetACP
GetModuleHandleA
GetCommandLineW
WaitForSingleObject

advapi32

RegDeleteKeyW
GetTokenInformation
CloseServiceHandle
RegOpenKeyExW

user32

GetMessageW
LoadIconW
PostMessageW
GetMessageW
SendMessageW
CreateWindowExW
SendMessageW
UpdateLayeredWindow
LoadIconW
DestroyWindow
LoadIconW
LoadIconW
DestroyWindow
GetDC
SetTimer
ReleaseDC
GetWindowRect
PostMessageW
PostMessageW
GetDlgItem
ShowWindow
CreateWindowExW
SetTimer
CreateWindowExW
GetDC
SendMessageW
GetDC
DefWindowProcW
DestroyWindow
CreateWindowExW
GetDlgItem
ReleaseDC
GetSystemMetrics
SetTimer

gdi32

CreateCompatibleBitmap
GetDeviceCaps
LineTo
TextOutW
LineTo
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
LineTo
PatBlt
DeleteDC
GetObjectW
CreateCompatibleDC
TextOutW
TextOutW
SetBkMode
SelectObject
SelectObject
SelectObject
SetTextColor
CreateCompatibleDC
SetTextColor
GetDeviceCaps
ExtTextOutW
DeleteObject
BitBlt
ExtTextOutW
SelectObject
DeleteObject
SetBkMode

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 158KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1afe9390e9cbae6ea0b0e156db5874b

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 3KB - Virtual size: 152KB

.data Size: 158KB - Virtual size: 160KB

.rsrc Size: 1KB - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 3KB - Virtual size: 152KB

.data
Size: 158KB - Virtual size: 160KB

.rsrc
Size: 1KB - Virtual size: 4KB