7ad166e7121970959b7d61d02caf85704e5ae43855fcf318fb7938646716ed63

General

Target

7ad166e7121970959b7d61d02caf85704e5ae43855fcf318fb7938646716ed63
Size

84KB
MD5

67eabe37ce36a8a0e6c61727586ad594
SHA1

7d532edf607a1aa13acb0cf9265853256c346ce9
SHA256

7ad166e7121970959b7d61d02caf85704e5ae43855fcf318fb7938646716ed63
SHA512

e65d597234748f31b08f5a9b235a2ff85467b1b358317714ce965508334fe76ddb509efa5c9d7ba406ae7f0cfa42594d45930abc9209851cb4097a6f318a6dc6
SSDEEP

1536:cgNYhzVE1s7q3ifcEeVuXGtAstvcV6XiaFDPJftxiTnb1LWtenyltuYCsSES:cgYw3i0T/tAXV6ysP9uX1LYeouYCzES

Score

N/A

Malware Config

Signatures

Files

7ad166e7121970959b7d61d02caf85704e5ae43855fcf318fb7938646716ed63
.exe windows x86

ccf56389664600b2a1a2e1bfeedc34aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

clock
strncmp
calloc
ceil
sqrt
log
wcstol
time
wcsncmp
memcpy
memmove
pow
strcmp
wcscspn

ntdll

wcscat

version

GetFileVersionInfoA

user32

SetWindowPos
CallWindowProcA
GetLastActivePopup
FrameRect
EnableMenuItem
GetKeyState
GetKeyNameTextA
GetIconInfo
IsChild
DefMDIChildProcA
GetDC
IsDialogMessageA
CheckMenuItem
GetClientRect
IsMenu
EnumThreadWindows
EndDeferWindowPos
GetFocus
DefFrameProcA
GetScrollRange
FindWindowA
SetWindowLongA
DeferWindowPos
GetClipboardData
GetActiveWindow
GetMenuItemCount

kernel32

GetCurrentProcessId
GetCommandLineA
lstrcpynA
VirtualFree
GetLocaleInfoA
GetModuleHandleA
GetStringTypeW
ExitProcess
LoadLibraryA
lstrcmpA
SetFilePointer
VirtualAlloc
LoadResource
FindClose
FindResourceA
MoveFileExA
SetLastError
GetSystemDefaultLangID
GlobalDeleteAtom
GetFileAttributesA
DeleteFileA
ExitThread
LockResource
InitializeCriticalSection
SetThreadLocale
LoadLibraryExA
GetOEMCP

comdlg32

GetFileTitleA
GetOpenFileNameA
ChooseColorA

oleaut32

VariantCopyInd
SafeArrayPtrOfIndex
VariantChangeType

advapi32

RegOpenKeyA

shell32

SHGetFileInfoA
SHGetDesktopFolder

Sections

text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 41KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ccf56389664600b2a1a2e1bfeedc34aa

Headers

File Characteristics

Imports

msvcrt

ntdll

version

user32

kernel32

comdlg32

oleaut32

advapi32

shell32

Sections

text Size: 41KB - Virtual size: 40KB

DATA Size: 41KB - Virtual size: 53KB

.tls Size: 512B - Virtual size: 150B

text
Size: 41KB - Virtual size: 40KB

DATA
Size: 41KB - Virtual size: 53KB

.tls
Size: 512B - Virtual size: 150B