b65f953c5efc5cdbb717c1a20793e61aaf1efe4c4b913de1ecfafcab974c9b0e

General

Target

b65f953c5efc5cdbb717c1a20793e61aaf1efe4c4b913de1ecfafcab974c9b0e
Size

88KB
MD5

bfe4c5a62c84b441c326c64aa2d95038
SHA1

6a30ed8bf059363e71edbc3ba6d8049ac63c7798
SHA256

b65f953c5efc5cdbb717c1a20793e61aaf1efe4c4b913de1ecfafcab974c9b0e
SHA512

c43302df1b609530642f215aaea9321e2118b897f9e88244f5d612cf9af663b5f37190a0c59e6c825d1bcbbdddf451e213be3e660aacddaca01602688516e5b7
SSDEEP

1536:K7VDKQ2X7ttvclTPIskZNY4UZ+hVWa/ivpMQRO7Izp2GacEkeOSQNvNzu0:0VhO7z95YpZ+hZ/oMQMXNpbOrNvNzN

Score

N/A

Malware Config

Signatures

Files

b65f953c5efc5cdbb717c1a20793e61aaf1efe4c4b913de1ecfafcab974c9b0e
.zip
Ausgleich 18.08.2015 - Stellvertretender Sachbearbeiter Pay Online AG.com
.exe windows x86

31ae5128b424cb06fb20f22561a16c98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OemToCharA
SendMessageA
DrawTextExA
CreateWindowExW
EnumWindows
EnumDesktopsA
CreateDesktopA
InsertMenuW
GetFocus
LoadBitmapW
GetPropA
PostMessageW
InsertMenuA
FindWindowW
DefDlgProcW
MessageBoxA
LoadCursorA
IsWindowEnabled

crypt32

CertOpenStore
CertAlgIdToOID
CertFreeCRLContext
CertNameToStrA
CertFindChainInStore
CryptFindOIDInfo
CryptMsgClose
CertCreateContext
CertDuplicateCRLContext
CertDuplicateStore
CertFindAttribute
CertFindExtension
CertCreateCRLContext
CertCreateCTLContext
CertCloseStore
CryptEnumOIDInfo
CertCompareCertificate

msimg32

vSetDdrawflag
AlphaBlend
GradientFill

kernel32

CreateDirectoryW
GetLastError
WaitForSingleObjectEx
CompareStringW
GetLocalTime
ReadFile
GetProcAddress
GetModuleHandleA
CopyFileA
FormatMessageA
GetLogicalDriveStringsA
GetLocaleInfoW
InitializeCriticalSection
CreateEventA
GetStringTypeA
lstrcpyA
GetOEMCP
OpenEventW
ReplaceFileW
DeleteFileA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31ae5128b424cb06fb20f22561a16c98

Headers

File Characteristics

Imports

user32

crypt32

msimg32

kernel32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 196KB

.rsrc Size: 64KB - Virtual size: 61KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 196KB

.rsrc
Size: 64KB - Virtual size: 61KB

.reloc
Size: 8KB - Virtual size: 6KB