af8ffd96d79b7ed91c19f13eadd03d01df7b2861df8e6daaf70d44be78f9ba49

General

Target

af8ffd96d79b7ed91c19f13eadd03d01df7b2861df8e6daaf70d44be78f9ba49
Size

66KB
MD5

0564bd29283dd933faab3469574a6f50
SHA1

09f3cbe2a5db6849ed36f612a62b87103ce60225
SHA256

af8ffd96d79b7ed91c19f13eadd03d01df7b2861df8e6daaf70d44be78f9ba49
SHA512

e0d337d5426946dc6d456cc818068e2c136e9927a59e1ec8058cbc4b5e3fe3e80c69952b54344f5f9ad6ddbabeb5854c1f8f4a47111543bd94ceef0eb0ac535f
SSDEEP

1536:g/SMprRmluHt0JUwjMdgbo2p7nd6pgJkS/3V1ftg3WgjuD:QprR6bH7d6p2nN1ftgGgj

Score

N/A

Malware Config

Signatures

Files

af8ffd96d79b7ed91c19f13eadd03d01df7b2861df8e6daaf70d44be78f9ba49
.exe windows x86

502efd60f870d35820d371ebb4d45fd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStdHandle
GetStartupInfoA
GetPriorityClass
ClearCommBreak
CreatePipe
GetModuleHandleA
WriteConsoleW
CopyFileW
GetCurrentDirectoryA
lstrlenW
DisconnectNamedPipe
WriteConsoleW
GetLastError
SetEvent
IsDebuggerPresent
GetFileAttributesA
HeapCreate
lstrcpyW
CloseHandle
WriteConsoleW
SuspendThread

msftedit

RichEditWndProc
RichListBoxWndProc
SetCustomTextOutHandlerEx
RichComboBoxWndProc

shell32

DuplicateIcon
ShellMessageBoxA
DragAcceptFiles
SHGetSettings
DllUnregisterServer
StrChrA
SHFree
DragQueryFileA
SHGetDiskFreeSpaceA
DragFinish
SHGetMalloc
ShellAboutA
ExtractIconA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

502efd60f870d35820d371ebb4d45fd7

Headers

File Characteristics

Imports

kernel32

msftedit

shell32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 776B

.rsrc Size: 57KB - Virtual size: 72KB

.rdata Size: 512B - Virtual size: 132B

.impdata Size: 512B - Virtual size: 80B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 776B

.rsrc
Size: 57KB - Virtual size: 72KB

.rdata
Size: 512B - Virtual size: 132B

.impdata
Size: 512B - Virtual size: 80B