cb5d65f2a75c9c00d7ca306a06b032566e7a884bb94ec47fcd076d0578c127e4

Sharing

Copy URL

Twitter E-mail

General

Target

cb5d65f2a75c9c00d7ca306a06b032566e7a884bb94ec47fcd076d0578c127e4
Size

189KB
MD5

4236687c4208e0fb0faa3f9a34fb622b
SHA1

cd9505b3cff57d321e2f2be7a7bf6b8240295c8d
SHA256

cb5d65f2a75c9c00d7ca306a06b032566e7a884bb94ec47fcd076d0578c127e4
SHA512

0db65b491ea144b9ba7a02f0e0ad994e01600e667caa5d76d3fbee9849dd097a3b6566807aae5612ba5243813cdc5e5d6d80ce031afc03eec5dc394ae6aa8af9
SSDEEP

3072:b3uaRqX5snptQwFdCzMJGy/3XsRRJYvrUmlji6vhS2gD4bkTFnS4zPgKQ/xjb4SL:bhRqX5yFd5Gy/3Xq6jbBdvw2gD4bkTdJ

Score

N/A

Malware Config

Signatures

Files

cb5d65f2a75c9c00d7ca306a06b032566e7a884bb94ec47fcd076d0578c127e4
.exe windows x86

ae1289c9e6c8726ca0e70503c4747c8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA

ole32

CoFreeUnusedLibraries
PropVariantClear
CLSIDFromString
CoGetObjectContext
CoUnmarshalInterface
CoDisconnectObject
CoCreateInstanceEx
CoTaskMemFree
CoRevokeClassObject

kernel32

ResetEvent
FormatMessageA
FreeLibrary
LocalFree
HeapDestroy
MoveFileExA
GetCurrentProcess
FindResourceA
CreateFileA
LoadLibraryA
VirtualFree
GetUserDefaultLCID
CloseHandle
GetProcessHeap
WideCharToMultiByte
GetFullPathNameA
GetStringTypeA
SizeofResource
MoveFileA
GetLocalTime
GlobalFindAtomA
CompareStringA
lstrlenA
lstrcmpA
SetHandleCount
HeapAlloc
GetLocaleInfoA
lstrcmpiA
VirtualAlloc
lstrcpynA
GetEnvironmentStrings
GetProcAddress
SetLastError
CreateEventA
GetThreadLocale
FindFirstFileA
GlobalAddAtomA
LocalAlloc
GetFileSize
SetErrorMode
GetTickCount
GetModuleHandleA
RaiseException
lstrcatA
GetLastError
GlobalDeleteAtom
ExitProcess
GetFileAttributesA
GlobalAlloc
VirtualAllocEx
WriteFile
InitializeCriticalSection
GetCPInfo
SetEndOfFile
GetCurrentThread
SetThreadLocale

user32

UnhookWindowsHookEx
MessageBoxA
IsWindowEnabled
EqualRect
SetWindowTextA
GetActiveWindow
GetFocus
IsWindowVisible
wsprintfA
InvalidateRect
GetIconInfo
GetKeyNameTextA
EmptyClipboard

Sections

CODE
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae1289c9e6c8726ca0e70503c4747c8c

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

user32

Sections

CODE Size: 43KB - Virtual size: 43KB

.data Size: 127KB - Virtual size: 127KB

.idata Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 69KB

.bdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 10KB - Virtual size: 10KB

CODE
Size: 43KB - Virtual size: 43KB

.data
Size: 127KB - Virtual size: 127KB

.idata
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 69KB

.bdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 10KB - Virtual size: 10KB