411499e130edbd0690fbd54512cc37ddcc3485b4fd8256ccb025c22fdd5a249b

Sharing

Copy URL Twitter E-mail

General

Target

411499e130edbd0690fbd54512cc37ddcc3485b4fd8256ccb025c22fdd5a249b
Size

181KB
MD5

6d51f4e4976d4d3b61457ed254b7bf10
SHA1

12cbf57f8a64275a3f18c70b115205b80d2cf04c
SHA256

411499e130edbd0690fbd54512cc37ddcc3485b4fd8256ccb025c22fdd5a249b
SHA512

06dc5179d1448ce820551de98bc479418ac09d71fef8f6eb427d5c075ea93dfe8918f0c3355dda7a6a7b90d72452d06b3865f8ca556e27d87a8101eec586ae42
SSDEEP

3072:I69SfntQ+iflMvtdLuHOlB+68aHvHYZOLQl1TyBG5qmtubfcCvnqM:I69WNtdLT868ovoOGpzqmtubnv

Score

N/A

Malware Config

Signatures

Files

411499e130edbd0690fbd54512cc37ddcc3485b4fd8256ccb025c22fdd5a249b
.exe windows x86

622a1d86d914cb63d8e8b192c1bab586

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetModuleHandleA
HeapAlloc
GlobalLock
WideCharToMultiByte
GetConsoleCP
CopyFileW
GetFileType
GetConsoleMode
FindClose
CreateThread
CreatePipe
CreateProcessW
SetCurrentDirectoryW
lstrlenW
TerminateThread
GetUserDefaultLCID
OpenEventW
CloseHandle
DeleteCriticalSection
LoadResource
SetUnhandledExceptionFilter
GetTimeZoneInformation
LockResource
GetProcAddress
LocalFree
lstrcmpW
GetVersionExW
GetProcessHeap
SetHandleCount
QueryPerformanceCounter
GetCurrentDirectoryA
GetLocalTime
lstrcpynW
GlobalSize
GetSystemInfo
VirtualAlloc
LoadLibraryA
LCMapStringW
LCMapStringA
SetStdHandle
SetFilePointer
ReadFile
SetEndOfFile
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
HeapSize
MultiByteToWideChar
GetCPInfo
GetOEMCP
GetACP
CreateFileA
InterlockedExchange
RtlUnwind
GetStringTypeW
GetStringTypeA
IsBadWritePtr
HeapReAlloc
VirtualFree
FlushFileBuffers
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
GetLastError
VirtualQuery
VirtualProtect
GetCurrentProcess
TerminateProcess
ExitProcess
HeapFree
GetVersionExA
GetCommandLineA
GetStartupInfoA

user32

GetMenuItemCount
RegisterWindowMessageW
DestroyWindow
CallNextHookEx
GetWindowTextW
HideCaret
SetScrollRange
DrawEdge
ReleaseCapture
GetDlgItem
GetCursorPos
DestroyIcon
IsDialogMessageA
RegisterClassW
CallWindowProcW
LoadMenuW
CallWindowProcA
SetWindowTextW
DragDetect
CreateWindowExW
SystemParametersInfoW

comdlg32

ChooseColorW
PrintDlgW
FindTextW
ReplaceTextW
PageSetupDlgW
GetFileTitleW
GetFileTitleA
ChooseColorA
ChooseFontW
GetOpenFileNameW
GetOpenFileNameA
GetSaveFileNameW
ChooseFontA
GetSaveFileNameA
ReplaceTextA
PrintDlgA
FindTextA
PageSetupDlgA

ole32

StgOpenStorage
StgOpenAsyncDocfileOnIFillLockBytes

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

622a1d86d914cb63d8e8b192c1bab586

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 122KB - Virtual size: 372KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 122KB - Virtual size: 372KB

.rsrc
Size: 4KB - Virtual size: 4KB