eaed9a72011e0369177cd7a0efde06d350c9defd1d1d15fd00c8160b129b2de8

Sharing

Copy URL Twitter E-mail

General

Target

eaed9a72011e0369177cd7a0efde06d350c9defd1d1d15fd00c8160b129b2de8
Size

953KB
MD5

460a20d90e9beefa8611727e74615452
SHA1

e120c042e256abc0d2e00c0180ea716d91d63569
SHA256

eaed9a72011e0369177cd7a0efde06d350c9defd1d1d15fd00c8160b129b2de8
SHA512

45227af3c49c59989197ef58d8a6d08763e2cdeded08594dc3b9664519a92e2c68562f57a3ad9b8c2064d0c5a875415f04a456cf58251487d192eb79e97007ca
SSDEEP

24576:chIBzOLxZdWAquxvIdCx4yBODTt+/+x6QmZxASxl3L:HBzOLxqUvIdCx4yBAt+QmHvxlL

Score

N/A

Malware Config

Signatures

Files

eaed9a72011e0369177cd7a0efde06d350c9defd1d1d15fd00c8160b129b2de8
.exe windows x86

536d6bef4d6567de49904db06f066ada

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconA
DragFinish
DragQueryFileA
ShellAboutA

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
FormatMessageA
GetCurrentProcess
CloseHandle
InterlockedDecrement
InterlockedIncrement
LocalFree
LocalAlloc
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GetUserDefaultLCID
LoadLibraryExA
TerminateProcess
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SuspendThread
ResumeThread
WinExec
GetLastError
lstrcmpiA
lstrcmpA
GetVersionExA
lstrlenA
GetModuleFileNameA
lstrcpyA
lstrcatA
lstrlenW
LoadLibraryA
GetProcAddress
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
GetStartupInfoA
GetTickCount

winmm

midiOutGetID
midiConnect
midiDisconnect

msvcrt

_itoa
exit
_stricmp
wcstombs
isxdigit
toupper
isdigit
isspace
_c_exit
_exit
_XcptFilter
_cexit
_acmdln
strtol
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
malloc
free
__CxxFrameHandler
strrchr
__dllonexit
_onexit
strtok
atoi
_strnicmp
__getmainargs
_controlfp
?terminate@@YAXXZ
mbstowcs
_setmbcp

ole32

CreateBindCtx
MkParseDisplayName
StringFromCLSID
CoTaskMemFree
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
StringFromGUID2
CoFreeUnusedLibraries

shlwapi

wnsprintfA

user32

MessageBoxA
EmptyClipboard
SetClipboardData
CloseClipboard
GetMessagePos
LoadBitmapA
OpenClipboard
GetFocus
LoadMenuA
GetSubMenu
EnableMenuItem
SetActiveWindow
UpdateWindow
RedrawWindow
LoadCursorA
SetCursor
SendMessageA
EnableWindow
ScreenToClient
GetWindowRect
wsprintfA
LoadIconA
DeleteMenu

advapi32

CopySid
AllocateAndInitializeSid
FreeSid
RegDeleteValueA
RegCreateKeyExA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSid
InitializeSecurityDescriptor
EqualSid
AddAccessAllowedAce
InitializeAcl
GetAclInformation
AddAce
LookupAccountNameA
OpenProcessToken
GetTokenInformation
GetLengthSid
RegQueryValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
GetSecurityDescriptorLength
MakeSelfRelativeSD
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
RegEnumValueA
GetAce
LookupAccountSidA
MapGenericMask
GetSecurityDescriptorDacl
GetExplicitEntriesFromAclA
SetEntriesInAclA
MakeAbsoluteSD
SetSecurityDescriptorDacl
RegQueryInfoKeyA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_AddMasked

gdi32

DeleteObject

Sections

.text
Size: 482KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 429KB - Virtual size: 429KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 36KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

536d6bef4d6567de49904db06f066ada

Headers

File Characteristics

Imports

shell32

kernel32

winmm

msvcrt

ole32

shlwapi

user32

advapi32

version

comctl32

gdi32

Sections

.text Size: 482KB - Virtual size: 481KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 429KB - Virtual size: 429KB

.edata Size: 36KB - Virtual size: 3.3MB

.text
Size: 482KB - Virtual size: 481KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 429KB - Virtual size: 429KB

.edata
Size: 36KB - Virtual size: 3.3MB