eb1899c53aedbb0e8780994756dc44c72595240e2884c11c2b187f5ca03daa6d

Sharing

Copy URL Twitter E-mail

General

Target

eb1899c53aedbb0e8780994756dc44c72595240e2884c11c2b187f5ca03daa6d
Size

33KB
MD5

f6006e867188cf43d5143eae32a0a80c
SHA1

4aebb35ff73e5f8dbcf7ca23d2bc839f931dc05d
SHA256

eb1899c53aedbb0e8780994756dc44c72595240e2884c11c2b187f5ca03daa6d
SHA512

b6e8f98ae6879364cf525fc7449b4d1021d593db384c9a1d38debeb6d6428e65e816860b5c038082af108c1f75d75c26a5b8dfba55a6b3df7468452fea308098
SSDEEP

768:Met2LFWZPZu9EVPQkDT+k8lcU2zxt4kzTVTafJ/:MetvLu9sIkDTeKU2bBafJ/

Score

N/A

Malware Config

Signatures

Files

eb1899c53aedbb0e8780994756dc44c72595240e2884c11c2b187f5ca03daa6d
.exe windows x86

bf90d174ff5aacf7932fc46c6c5d85cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeQueryNextServer
SetPropA
DdeUninitialize
GetPropA
GetWindow
FindWindowA
DdeConnectList
GetWindowThreadProcessId
GetClassNameA
GetDesktopWindow
LoadStringA
DdeFreeStringHandle
DdeCreateStringHandleA
DdeInitializeA
DdeDisconnectList
DdeClientTransaction
wvsprintfA
CharNextA
GetLastActivePopup
SetForegroundWindow
wsprintfA
GetDlgItem
PeekMessageA
DispatchMessageA
SendDlgItemMessageA
GetClientRect
DestroyWindow
CreateDialogParamA
SetDlgItemTextA
GetSystemMenu
EnableMenuItem
LoadCursorA
SetCursor
SystemParametersInfoA
GetDC
ReleaseDC
GetSystemMetrics
MessageBoxA

kernel32

GlobalAlloc
lstrcpyA
OpenFile
Sleep
ord18
GlobalLock
GetPrivateProfileSectionA
GlobalFree
FindFirstFileA
FindClose
CreateFileA
lstrcatA
GetModuleFileNameA
GetPrivateProfileIntA
lstrlenA
DeleteFileA
SetFileAttributesA
GetLastError
MoveFileA
LocalFree
WriteFile
LocalAlloc
lstrcpynA
GetDriveTypeA
MulDiv
WritePrivateProfileStringA
lstrcmpiA
WinExec
GetWindowsDirectoryA
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
_llseek
_lread
_lclose
_lopen
GetPrivateProfileStringA
lstrcmpA
CloseHandle

gdi32

GetTextExtentPointA
GetTextExtentExPointA
GetDeviceCaps

shell32

ord175
ord162
ord157
ord164
ord64
SHAddToRecentDocs
ord35
ord94
SHGetSpecialFolderLocation
ord23
ord96
ShellExecuteEx
ord196
ord195
ord25
ord37
ord58
ord119
ord36
ord34
ord57
ord155
ord163
ord45
ord171
SHGetPathFromIDList
ord49
ord33
ord51
ord128
ord29
ord89
ord63
ord32
ord31
ord165
ord52
ord79

comctl32

ord321
ord324
ord233
ord234
ord323
ord73
ord326
ord320
ord17
ord357

advapi32

RegOpenKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegSetValueA
RegCreateKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf90d174ff5aacf7932fc46c6c5d85cd

Headers

File Characteristics

Imports

user32

kernel32

gdi32

shell32

comctl32

advapi32

version

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 1KB - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 1KB - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB