1128826315af58b1f06d2cb1c63b60b0a360885cdfb077e2af98197203a1441b

Sharing

Copy URL Twitter E-mail

General

Target

1128826315af58b1f06d2cb1c63b60b0a360885cdfb077e2af98197203a1441b
Size

518KB
MD5

6c0759baf01de60020ae5243bac8696e
SHA1

db13536597fd78292cca829f2dc71d5c7a118a76
SHA256

1128826315af58b1f06d2cb1c63b60b0a360885cdfb077e2af98197203a1441b
SHA512

51ab0e523520f8e1595c0c27027defc6e93d93cd5ccf1f68951c7e0ec0996bfe1839e16dbbb605603567d329b4319b605e2f424c9261cf7c5a044c0f550bc140
SSDEEP

12288:Kc4fD+jDIi4IMQyOrx7AUHsXBonwsC26qLnIR:U0DIiiQyOr2UHEBoFCRqLn

Score

N/A

Malware Config

Signatures

Files

1128826315af58b1f06d2cb1c63b60b0a360885cdfb077e2af98197203a1441b
.exe windows x86

df638135fc1f98daa9189d712f31c52b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetAltTabInfo
TrackPopupMenuEx
RegisterClassExA
ShowWindow
GetClassLongW
CreateWindowExA
CopyAcceleratorTableW
RegisterClassA
DefWindowProcA
EnumDisplaySettingsExA
LoadKeyboardLayoutA
CharNextExA
DestroyWindow
MessageBoxA
IsCharLowerA
GetClassInfoExW
LoadCursorW

gdi32

SetICMMode
GetICMProfileW
StretchDIBits
SetColorAdjustment
CreateMetaFileA
SelectPalette
SelectClipRgn
CreateSolidBrush
SetMiterLimit

kernel32

CompareStringA
GetStringTypeA
HeapDestroy
VirtualLock
GetCPInfo
HeapSize
FlushFileBuffers
GetPrivateProfileIntA
TerminateProcess
HeapAlloc
VirtualQuery
TlsSetValue
LeaveCriticalSection
GetACP
GetProcAddress
OpenMutexA
GetStartupInfoA
GetFileType
RtlZeroMemory
GetTimeFormatA
LoadLibraryA
SetConsoleScreenBufferSize
TlsGetValue
ReadFile
SetHandleCount
HeapCreate
LCMapStringW
UnhandledExceptionFilter
GetLocaleInfoW
GetEnvironmentStringsW
RtlUnwind
GetLastError
GetSystemTimeAsFileTime
HeapFree
FreeEnvironmentStringsA
GetVersionExA
GetModuleFileNameW
GetCurrentThread
GetCompressedFileSizeA
GetStringTypeW
GetSystemInfo
GetUserDefaultLCID
CompareStringW
GetStdHandle
GetModuleFileNameA
GetCurrentThreadId
WideCharToMultiByte
CreateMutexA
WriteFile
DeleteCriticalSection
SetLastError
CreateFileMappingA
TlsFree
FreeEnvironmentStringsW
EnumCalendarInfoW
OpenWaitableTimerA
VirtualAlloc
EnumSystemLocalesA
GetLocaleInfoA
GetDateFormatA
GetCurrentProcess
SetFilePointer
GetEnvironmentStrings
VirtualFree
GetTimeZoneInformation
HeapReAlloc
InterlockedExchange
IsValidCodePage
GetTickCount
SetEnvironmentVariableA
GetCurrentProcessId
CloseHandle
ExitProcess
InitializeCriticalSection
GetCommandLineW
IsValidLocale
GetModuleHandleA
MultiByteToWideChar
QueryPerformanceCounter
GetTempFileNameA
LCMapStringA
GetOEMCP
VirtualProtect
GetCommandLineA
SetStdHandle
IsBadWritePtr
GetStartupInfoW
EnterCriticalSection
TlsAlloc

shell32

DragQueryPoint
ShellExecuteW

comctl32

ImageList_DragMove
CreateStatusWindow
DrawStatusTextA
ImageList_DragShowNolock
CreatePropertySheetPageW
InitCommonControlsEx
ImageList_DrawIndirect
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_Merge
DestroyPropertySheetPage
GetEffectiveClientRect
ImageList_EndDrag
ImageList_Create
_TrackMouseEvent
ImageList_GetImageCount

wininet

GopherGetAttributeW
InternetFindNextFileA
InternetReadFileExA

Sections

.text
Size: 369KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df638135fc1f98daa9189d712f31c52b

Headers

File Characteristics

Imports

user32

gdi32

kernel32

shell32

comctl32

wininet

Sections

.text Size: 369KB - Virtual size: 368KB

.rdata Size: 19KB - Virtual size: 31KB

.data Size: 112KB - Virtual size: 111KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 369KB - Virtual size: 368KB

.rdata
Size: 19KB - Virtual size: 31KB

.data
Size: 112KB - Virtual size: 111KB

.rsrc
Size: 17KB - Virtual size: 16KB