ef516b77e1c92ab928bb8716e537f22dbedd7272b3a3758d769a998dab826f37

Sharing

Copy URL Twitter E-mail

General

Target

ef516b77e1c92ab928bb8716e537f22dbedd7272b3a3758d769a998dab826f37
Size

950KB
MD5

98e08c566656ab21b7ef09c4cbe2233e
SHA1

da016def6e7a6e3d67c58fea14b6b62be10556c4
SHA256

ef516b77e1c92ab928bb8716e537f22dbedd7272b3a3758d769a998dab826f37
SHA512

9a266826b25582cfbb7d28d077e09cfdf77cddb69c5dc98da87d1dfe71b203676fb0a85e5ea5ffad24b96f994cb629baed111ddf987b45455a896ff11f64b12a
SSDEEP

24576:OMYBYVaR7euqTTWkKBmd+3cB+0Rt8NUmZyGkMs:O/BmaJkkcB/m5

Score

N/A

Malware Config

Signatures

Files

ef516b77e1c92ab928bb8716e537f22dbedd7272b3a3758d769a998dab826f37
.exe windows x86

b137f6211fa8e9f02c798297e808a93a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CopySid
AllocateAndInitializeSid
FreeSid
RegDeleteValueA
RegCreateKeyExA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSid
InitializeSecurityDescriptor
EqualSid
AddAccessAllowedAce
InitializeAcl
GetAclInformation
AddAce
LookupAccountNameA
OpenProcessToken
GetTokenInformation
GetLengthSid
RegQueryValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
GetSecurityDescriptorLength
MakeSelfRelativeSD
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
RegEnumValueA
GetAce
LookupAccountSidA
MapGenericMask
GetSecurityDescriptorDacl
GetExplicitEntriesFromAclA
SetEntriesInAclA
MakeAbsoluteSD
SetSecurityDescriptorDacl
RegQueryInfoKeyA

gdi32

DeleteObject

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shell32

ExtractIconA
DragFinish
DragQueryFileA
ShellAboutA

shlwapi

wnsprintfA

user32

MessageBoxA
EmptyClipboard
SetClipboardData
CloseClipboard
GetMessagePos
LoadBitmapA
OpenClipboard
GetFocus
LoadMenuA
GetSubMenu
EnableMenuItem
SetActiveWindow
UpdateWindow
RedrawWindow
LoadCursorA
SetCursor
SendMessageA
EnableWindow
ScreenToClient
GetWindowRect
wsprintfA
LoadIconA
DeleteMenu

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
FormatMessageA
GetCurrentProcess
CloseHandle
InterlockedDecrement
InterlockedIncrement
LocalFree
LocalAlloc
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GetUserDefaultLCID
LoadLibraryExA
TerminateProcess
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SuspendThread
ResumeThread
WinExec
GetLastError
lstrcmpiA
lstrcmpA
GetVersionExA
lstrlenA
GetModuleFileNameA
lstrcpyA
lstrcatA
lstrlenW
LoadLibraryA
GetProcAddress
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
GetStartupInfoA
GetTickCount

ole32

CreateBindCtx
MkParseDisplayName
StringFromCLSID
CoTaskMemFree
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
StringFromGUID2
CoFreeUnusedLibraries

msvcrt

_itoa
exit
_stricmp
wcstombs
isxdigit
toupper
isdigit
isspace
_c_exit
_exit
_XcptFilter
_cexit
_acmdln
strtol
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
malloc
free
__CxxFrameHandler
strrchr
__dllonexit
_onexit
strtok
atoi
_strnicmp
__getmainargs
_controlfp
?terminate@@YAXXZ
mbstowcs
_setmbcp

comctl32

ImageList_AddMasked

winmm

midiOutGetID
midiConnect
midiDisconnect

Sections

.text
Size: 482KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 430KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 32KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b137f6211fa8e9f02c798297e808a93a

Headers

File Characteristics

Imports

advapi32

gdi32

version

shell32

shlwapi

user32

kernel32

ole32

msvcrt

comctl32

winmm

Sections

.text Size: 482KB - Virtual size: 481KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 430KB - Virtual size: 430KB

.edata Size: 32KB - Virtual size: 3.3MB

.text
Size: 482KB - Virtual size: 481KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 430KB - Virtual size: 430KB

.edata
Size: 32KB - Virtual size: 3.3MB