c63716d1952a1585ed3f87489078258897e49a35418553e0d482c5703498f863

Sharing

Copy URL Twitter E-mail

General

Target

c63716d1952a1585ed3f87489078258897e49a35418553e0d482c5703498f863
Size

260KB
MD5

ce008a262711573e6e2d2296e5763a78
SHA1

8467998f4cff8b63ccd22ecfb16dccb9df686086
SHA256

c63716d1952a1585ed3f87489078258897e49a35418553e0d482c5703498f863
SHA512

ceadfa5f29599ab71020d6f2f52d3ea78e5dd9e86fe7fa782e4044247bbefb8cf4beeb31abaa6d04ac0f39ad4d4128e83d60460954cde25d7630014204e7d55c
SSDEEP

6144:cKqtxCKeDQsfkBMvmHf8Ey53dDq5/0z1Bph5+y9zv/4ptkt9oFYYasy2C7gL5T88:TqtcKeDQsfkBMvmHf8Ey53dDq5/0z1Bg

Score

N/A

Malware Config

Signatures

Files

c63716d1952a1585ed3f87489078258897e49a35418553e0d482c5703498f863
.dll windows x86

de2f172108e4707f69e33b9cb0b3fa90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SaveDC
GetClipBox
GetBitmapBits
BitBlt
CreateCompatibleBitmap
SetPixel
CreateFontIndirectA
GetDIBits
SetBkColor
GetObjectA

kernel32

WideCharToMultiByte
VirtualFree
GetCommandLineA
GetLastError
LoadLibraryExA
GetProcAddress
WriteFile
ExitProcess
GetACP
VirtualAllocEx
IsBadHugeReadPtr
VirtualAlloc
GetModuleHandleA
WaitForSingleObject
ExitThread
IsBadReadPtr
GlobalAlloc
lstrlenW
lstrcpyA
VirtualQuery
GetOEMCP
GetCommandLineW
FindClose
GetSystemDefaultLangID
LocalFree
FindResourceA
WideCharToMultiByte
IsBadReadPtr
MoveFileExA
GetUserDefaultLCID
HeapDestroy
VirtualAlloc
GetCurrentThread
GetDiskFreeSpaceA
lstrcmpiA
lstrcmpA
SetThreadLocale

msvcrt

sin
atan
atol
memmove
log
strncmp
sqrt
swprintf
exit

shlwapi

PathIsDirectoryA
SHQueryValueExA
SHEnumValueA
SHStrDupA
SHDeleteKeyA
PathFileExistsA
SHGetValueA
SHSetValueA
SHDeleteValueA
SHQueryInfoKeyA

oleaut32

SysReAllocStringLen
SafeArrayGetUBound
OleLoadPicture

comdlg32

GetOpenFileNameA

shell32

SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetSpecialFolderLocation

version

VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

OleCreateStaticFromData
CoRegisterClassObject
GetHGlobalFromStream
OleRegGetUserType
CLSIDFromString
PropVariantClear
StgOpenStorage

comctl32

ImageList_DragShowNolock

user32

DrawTextA
GetPropA
EnumThreadWindows
PostQuitMessage
IsChild
DrawIconEx

advapi32

GetLengthSid

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 4KB - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 12KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ddata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de2f172108e4707f69e33b9cb0b3fa90

Headers

File Characteristics

Imports

gdi32

kernel32

msvcrt

shlwapi

oleaut32

comdlg32

shell32

version

ole32

comctl32

user32

advapi32

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 160KB - Virtual size: 159KB

.bdata Size: 4KB - Virtual size: 520B

DATA Size: 12KB - Virtual size: 108KB

.ddata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 832B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 160KB - Virtual size: 159KB

.bdata
Size: 4KB - Virtual size: 520B

DATA
Size: 12KB - Virtual size: 108KB

.ddata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 832B

.reloc
Size: 4KB - Virtual size: 1KB