797a967bdc5b9fe288fc7d127f229d08d30cbab5b1f3a23e1644a35ede9a26a5

General

Target

797a967bdc5b9fe288fc7d127f229d08d30cbab5b1f3a23e1644a35ede9a26a5
Size

775KB
MD5

66925f1c973d43a4442b270c1d5d0e10
SHA1

cd532998ecdebd59531ddbac2888310ab78f5c4a
SHA256

797a967bdc5b9fe288fc7d127f229d08d30cbab5b1f3a23e1644a35ede9a26a5
SHA512

c1773fa936b3a27932cd2ffced019819d688e3a2f767bfa5fe2699cb868c11c7b81c8d1d66047283641a6e31603bee6c8b28cb11d8174ee354b982e8c8a8a264
SSDEEP

12288:JyMI2hK/NDCJSD9beOEKveD/Ut95Ocuxom2A4hHUfjn6X9WCSiBn:YMQCAbwA8MN4Ot0r6UCSi9

Score

N/A

Malware Config

Signatures

Files

797a967bdc5b9fe288fc7d127f229d08d30cbab5b1f3a23e1644a35ede9a26a5
.exe windows x86

334ac91516b1d509dee5b66346c17459

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SuspendThread
DisconnectNamedPipe
GetStartupInfoA
ClearCommBreak
CloseHandle
GetFileAttributesA
lstrlenW
GetStdHandle
GetCurrentDirectoryA
GetPriorityClass
GetLastError
IsDebuggerPresent
SetEvent
WriteConsoleW
CreatePipe
GetModuleHandleA
CopyFileW
HeapCreate
WriteConsoleW
WriteConsoleW
lstrcpyW

msftedit

RichListBoxWndProc
RichComboBoxWndProc
RichEditWndProc
SetCustomTextOutHandlerEx

shell32

SHGetMalloc
DllUnregisterServer
ExtractIconA
SHFree
DragQueryFileA
ShellAboutA
SHGetSettings
DragFinish
StrChrA
ShellMessageBoxA
DuplicateIcon
SHGetDiskFreeSpaceA
DragAcceptFiles

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 766KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

334ac91516b1d509dee5b66346c17459

Headers

File Characteristics

Imports

kernel32

msftedit

shell32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 752B

.rsrc Size: 766KB - Virtual size: 2.1MB

.rdata Size: 512B - Virtual size: 132B

.impdata Size: 512B - Virtual size: 80B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 752B

.rsrc
Size: 766KB - Virtual size: 2.1MB

.rdata
Size: 512B - Virtual size: 132B

.impdata
Size: 512B - Virtual size: 80B