ef589983502c08a3259f156f0816b12d40a0a93f6269b6bddc50dd2cccfc0d88

Sharing

Copy URL Twitter E-mail

General

Target

ef589983502c08a3259f156f0816b12d40a0a93f6269b6bddc50dd2cccfc0d88
Size

285KB
MD5

187456945c08c7b30029f3cfc5da54de
SHA1

1226acec64b7a8d46ae576562a5c705a0782f259
SHA256

ef589983502c08a3259f156f0816b12d40a0a93f6269b6bddc50dd2cccfc0d88
SHA512

ebffab9b6aff6ae003c01895b3528af826ab08a361a8b1b88b4cce227a66506c6b1f726e8296354634e7a2843163bcb34bf98c7fd872c76a1d7a8160cd2cb63c
SSDEEP

6144:aMqyluZv771DBjuaoLuY+P2H8ah1JTIhGpa2oywFgVyR10GZKV6NkyS8:5luZv771DBVdeHzLTIYkywFcyVZKkTS8

Score

N/A

Malware Config

Signatures

Files

ef589983502c08a3259f156f0816b12d40a0a93f6269b6bddc50dd2cccfc0d88
.exe windows x86

3c6cdb5a3f424223ebab2570d58082c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetLengthSid
RegOpenKeyA
RegQueryInfoKeyA

kernel32

WaitForSingleObject
ExitProcess
GetProcAddress
GlobalAlloc
GetOEMCP
SetThreadLocale
InitializeCriticalSection
lstrcpynA
LoadLibraryExA
GetStartupInfoA
SetEvent
GlobalFindAtomA
GetDateFormatA
LocalAlloc
SetFilePointer
GetCommandLineW
VirtualQuery
ExitThread
GetModuleHandleW
GetCurrentThread
ReadFile
WideCharToMultiByte
SetLastError
ResetEvent
GetVersion
GetStringTypeA
lstrlenW
GetFileSize
RaiseException
GetFullPathNameA
CloseHandle
GetLocalTime
LoadLibraryA
SizeofResource
GetModuleFileNameA
FindClose
GetModuleHandleA
lstrcmpiA
GetStdHandle
GetSystemDefaultLangID
GetACP
VirtualAllocEx
GetLocaleInfoA
EnumCalendarInfoA
GetCurrentProcessId
EnterCriticalSection
GetEnvironmentStrings
FindResourceA
DeleteFileA
GetThreadLocale
LocalFree
LockResource
HeapFree
SetHandleCount
lstrcmpA
GetProcessHeap
GetCommandLineA
SetErrorMode
IsBadHugeReadPtr
GetLastError
lstrlenA
Sleep

user32

ShowOwnedPopups
SetWindowsHookExA
SetWindowLongA
SetWindowTextA
SetRect
SetScrollInfo
SystemParametersInfoA
ShowScrollBar
SetWindowPos
SetTimer
SetScrollPos
TranslateMessage
UnregisterClassA
TrackPopupMenu
TranslateMDISysAccel
SetMenuItemInfoA
SetMenu
ShowWindow
SetClassLongA
SetCursor
SetClipboardData
SetFocus
UnhookWindowsHookEx
SetWindowPlacement
SetCapture
SetForegroundWindow
SetWindowLongW
SetPropA
SetScrollRange
SetParent

version

GetFileVersionInfoA
VerFindFileA

comdlg32

ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

msvcrt

memset
pow
exp

Sections

CODE
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 1024B - Virtual size: 935B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdata
Size: 1024B - Virtual size: 637B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c6cdb5a3f424223ebab2570d58082c2

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

comdlg32

msvcrt

Sections

CODE Size: 44KB - Virtual size: 44KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 8KB

.bdata Size: 1024B - Virtual size: 935B

.adata Size: 224KB - Virtual size: 223KB

.fdata Size: 1024B - Virtual size: 637B

.rsrc Size: 1024B - Virtual size: 884B

CODE
Size: 44KB - Virtual size: 44KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 8KB

.bdata
Size: 1024B - Virtual size: 935B

.adata
Size: 224KB - Virtual size: 223KB

.fdata
Size: 1024B - Virtual size: 637B

.rsrc
Size: 1024B - Virtual size: 884B