d9565211c0a879eb56e86916e76cc42745c2bfd80bcafed783e285d2bcaba2d3

Sharing

Copy URL Twitter E-mail

General

Target

d9565211c0a879eb56e86916e76cc42745c2bfd80bcafed783e285d2bcaba2d3
Size

126KB
MD5

64917f9ebd698d936a1a6654d6ec6660
SHA1

2c978a282269491d3dcf90f7e6079774dfe7a446
SHA256

d9565211c0a879eb56e86916e76cc42745c2bfd80bcafed783e285d2bcaba2d3
SHA512

95aa071959c8cd7e9d0bc1572bc86f9b29800e1a489c37980b1b7c1d2d899c30c70fc0d452058c80310870887c8c650bb472231ef228f9d9cd0e99d599537a89
SSDEEP

3072:1ne033AE6nSasfItQctpu8xkWXXP0RVY7LAF2Uh:9Xv2t3tpu6ncRVY7LHQ

Score

N/A

Malware Config

Signatures

Files

d9565211c0a879eb56e86916e76cc42745c2bfd80bcafed783e285d2bcaba2d3
.exe windows x86

d42c3c90df82e7e0f08539fb51578463

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_initterm
_acmdln
abort
_adjust_fdiv
_setjmp3
_controlfp
_except_handler3
log
_fileno
sin
_close
pow
__setusermatherr
_stat
_XcptFilter
_wtoi
__p__commode
exit
__p__fmode
__getmainargs
__set_app_type

kernel32

GetStringTypeExA
MulDiv
GetStartupInfoA
GetModuleHandleA
UnhandledExceptionFilter
FileTimeToLocalFileTime
WriteConsoleA
GetDateFormatA
GetSystemDirectoryA
VirtualProtect
GetTimeZoneInformation

shell32

SHFileOperationA
SHBrowseForFolderA
CommandLineToArgvW
SHFileOperationW
SHGetPathFromIDListA
ShellExecuteA
ShellExecuteExW
SHGetDiskFreeSpaceExW
DragFinish
ExtractIconA

ole32

CoCreateInstance
CoUninitialize
CoTaskMemRealloc
DoDragDrop
CoReleaseMarshalData
OleSetClipboard
CoCreateGuid
CreateStreamOnHGlobal

comctl32

ImageList_SetImageCount
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_Remove
ImageList_Write
ImageList_Destroy
InitializeFlatSB
ImageList_SetOverlayImage
ImageList_AddMasked
ImageList_SetBkColor
DestroyPropertySheetPage
ImageList_GetIconSize

gdi32

DeleteDC
PolylineTo
Pie
ArcTo
StartPage
PlayMetaFile
GetTextExtentPoint32A
CreateCompatibleBitmap
CreateEnhMetaFileA
CreateRectRgnIndirect

advapi32

RegQueryValueExW
DeregisterEventSource
EqualSid
SetSecurityDescriptorDacl
RevertToSelf
QueryServiceStatus
RegDeleteValueA
RegEnumKeyExW
RegDeleteKeyW
OpenServiceA

oleaut32

VariantClear
VariantCopyInd
SysFreeString
GetActiveObject
GetErrorInfo
CreateErrorInfo
SysAllocStringByteLen
SysAllocStringLen

version

VerInstallFileW
GetFileVersionInfoSizeW
VerFindFileW
VerQueryValueW
VerLanguageNameA
VerQueryValueA

user32

EndDialog
LoadCursorA
IntersectRect
DrawIcon
DestroyMenu
SetWindowLongA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d42c3c90df82e7e0f08539fb51578463

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

ole32

comctl32

gdi32

advapi32

oleaut32

version

user32

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 17KB - Virtual size: 38KB

.rsrc Size: 89KB - Virtual size: 89KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 17KB - Virtual size: 38KB

.rsrc
Size: 89KB - Virtual size: 89KB