eff96728e40bddcdfedd330000990b3a9b6388d1312d9202976242a3d80cd8d3

Sharing

Copy URL Twitter E-mail

General

Target

eff96728e40bddcdfedd330000990b3a9b6388d1312d9202976242a3d80cd8d3
Size

126KB
MD5

14297d5a055fa474d280c18637636e30
SHA1

63e0db9b026eeb1d64db7132f40eb70fae94cc05
SHA256

eff96728e40bddcdfedd330000990b3a9b6388d1312d9202976242a3d80cd8d3
SHA512

da00916cad2c7735c51718c643d1b3fc8906e314d90e64eb5f7c8e3e8244414612226f5ddb3bc9cbce493d4d940a051fc3184e6826df2094d292194f74394078
SSDEEP

3072:43txAtBDSwA5KWHqJKDWpy0AKSuzJ28b6UWqjdZ0ZCWD:atqSr5KW08WDrbAGdZQC

Score

N/A

Malware Config

Signatures

Files

eff96728e40bddcdfedd330000990b3a9b6388d1312d9202976242a3d80cd8d3
.exe windows x86

010832644173ae0eafbc18df1fd16096

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsURLW
PathIsDirectoryW
PathSkipRootW
PathGetDriveNumberW
PathAddBackslashW
PathIsUNCW
PathFindExtensionW
SHDeleteKeyW
StrRChrW

ole32

CoCreateFreeThreadedMarshaler
CoCreateGuid
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CoGetMalloc
StringFromCLSID
WriteClassStm
CoCreateInstance
StgIsStorageFile
CLSIDFromString
CreateDataAdviseHolder
StgCreateDocfile

version

VerQueryValueW
GetFileVersionInfoA

user32

SetForegroundWindow
GetClientRect
MapWindowPoints
GetWindowDC
IsZoomed
SetRect
GetWindowLongA
IsWindowVisible
GetMessagePos
CreateWindowExW
CalcMenuBar
GetDC
TranslateMessage
GetActiveWindow
LoadStringW
DialogBoxParamW
GetAsyncKeyState
CharUpperA
GetFocus
ChangeMenuA
RegisterClipboardFormatW
GetParent
GetWindow
SetWindowLongW

msvcrt

free
__set_app_type
_wtol
__p__fmode
fflush
_XcptFilter
__setusermatherr
__p__commode
_strdup
isdigit
_wcsdup
_lock

kernel32

GetCurrentProcessId
SetEvent
GetStdHandle
OpenMutexW
FindResourceW
Sleep
GetModuleHandleW
FindNextFileW
ExitProcess
CreateProcessA
lstrcmpW
GlobalLock
GetProcAddress
GetFileType
GetFileSize
VirtualAlloc
SetLastError
GetProcessHeap
IsBadWritePtr
GetCurrentThreadId
IsBadReadPtr
WriteConsoleW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

010832644173ae0eafbc18df1fd16096

Headers

File Characteristics

Imports

shlwapi

ole32

version

user32

msvcrt

kernel32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 42KB - Virtual size: 152KB

.idata Size: 37KB - Virtual size: 37KB

.reloc Size: 512B - Virtual size: 496B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 42KB - Virtual size: 152KB

.idata
Size: 37KB - Virtual size: 37KB

.reloc
Size: 512B - Virtual size: 496B