52ef5814df0fded60aa3a9293239692f94fd4ea9d00f4c0f1ae78a3c5b48a1be

Sharing

Copy URL Twitter E-mail

General

Target

52ef5814df0fded60aa3a9293239692f94fd4ea9d00f4c0f1ae78a3c5b48a1be
Size

126KB
MD5

85a1ac7c980ec0f90260ef3143d37305
SHA1

ba2f47269bda0b07926a1fadea3975a3668b8b81
SHA256

52ef5814df0fded60aa3a9293239692f94fd4ea9d00f4c0f1ae78a3c5b48a1be
SHA512

df4c1facc888740f3fd1f53691fcc7fcf2a5da94f778be48f5c8d501e4a11972891e2c6f90f406ae81b97bb232a34d22abe93e7008cb8c90ba250ae796fbad05
SSDEEP

3072:43txAtBDSwA5KWHqJKDWpy0AKSuzJ28b6UWqjdZ0ZCWD:atqSr5KW08WDrbAGdZQC

Score

N/A

Malware Config

Signatures

Files

52ef5814df0fded60aa3a9293239692f94fd4ea9d00f4c0f1ae78a3c5b48a1be
.exe windows x86

010832644173ae0eafbc18df1fd16096

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsURLW
PathIsDirectoryW
PathSkipRootW
PathGetDriveNumberW
PathAddBackslashW
PathIsUNCW
PathFindExtensionW
SHDeleteKeyW
StrRChrW

ole32

CoCreateFreeThreadedMarshaler
CoCreateGuid
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CoGetMalloc
StringFromCLSID
WriteClassStm
CoCreateInstance
StgIsStorageFile
CLSIDFromString
CreateDataAdviseHolder
StgCreateDocfile

version

VerQueryValueW
GetFileVersionInfoA

user32

SetForegroundWindow
GetClientRect
MapWindowPoints
GetWindowDC
IsZoomed
SetRect
GetWindowLongA
IsWindowVisible
GetMessagePos
CreateWindowExW
CalcMenuBar
GetDC
TranslateMessage
GetActiveWindow
LoadStringW
DialogBoxParamW
GetAsyncKeyState
CharUpperA
GetFocus
ChangeMenuA
RegisterClipboardFormatW
GetParent
GetWindow
SetWindowLongW

msvcrt

free
__set_app_type
_wtol
__p__fmode
fflush
_XcptFilter
__setusermatherr
__p__commode
_strdup
isdigit
_wcsdup
_lock

kernel32

GetCurrentProcessId
SetEvent
GetStdHandle
OpenMutexW
FindResourceW
Sleep
GetModuleHandleW
FindNextFileW
ExitProcess
CreateProcessA
lstrcmpW
GlobalLock
GetProcAddress
GetFileType
GetFileSize
VirtualAlloc
SetLastError
GetProcessHeap
IsBadWritePtr
GetCurrentThreadId
IsBadReadPtr
WriteConsoleW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

010832644173ae0eafbc18df1fd16096

Headers

File Characteristics

Imports

shlwapi

ole32

version

user32

msvcrt

kernel32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 42KB - Virtual size: 152KB

.idata Size: 37KB - Virtual size: 37KB

.reloc Size: 512B - Virtual size: 496B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 42KB - Virtual size: 152KB

.idata
Size: 37KB - Virtual size: 37KB

.reloc
Size: 512B - Virtual size: 496B