616a1c8e2ae185221b2567af3e5b9a6b443d9cf33bd2508dc603c5eb53d3c45a

Sharing

Copy URL Twitter E-mail

General

Target

616a1c8e2ae185221b2567af3e5b9a6b443d9cf33bd2508dc603c5eb53d3c45a
Size

98KB
MD5

4289427108da86f148414d58f4ead920
SHA1

41203af022fbbfdd1f11079c191811832f6f9f89
SHA256

616a1c8e2ae185221b2567af3e5b9a6b443d9cf33bd2508dc603c5eb53d3c45a
SHA512

c0a18cb553147cb3be64b6db85db707a6595aadddebb5502ddfcce5637664b518859cc6355c0bdc40b70959426fb0be8842b4e029e2b6c3f995794fd25429775
SSDEEP

1536:7DdRzXtPCLgfgQvgJej3xr//TZ+p0gBRLq1Lss8VSKP18nL0eRJrfjjX:zsL/Mz/V+prn8U9P18zrH

Score

N/A

Malware Config

Signatures

Files

616a1c8e2ae185221b2567af3e5b9a6b443d9cf33bd2508dc603c5eb53d3c45a
.exe windows x86

ef72c8b0fc7fb9583f4196e995231b16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
VirtualProtectEx
GetOEMCP
GetConsoleMode
GetShortPathNameA
WritePrivateProfileStringA
GetUserDefaultLCID
GetSystemTime
IsDebuggerPresent
DeleteFileA
GetTempFileNameA
GetEnvironmentVariableA
DeviceIoControl
GetNumberFormatA
lstrcmpiW

msvcrt

_strnicmp
_controlfp
_adjust_fdiv
__set_app_type
__p__commode
__dllonexit
atexit
__setusermatherr
_cexit
wcslen
_except_handler3
sqrt
_initterm
__getmainargs
_XcptFilter
free
calloc
fprintf
sprintf
_write
__p__fmode
_exit
__p___initenv

comdlg32

GetOpenFileNameA

user32

SetWindowLongA
RegisterWindowMessageA
GetKeyState
SetDlgItemTextA
SendDlgItemMessageA
GetWindowThreadProcessId
GetForegroundWindow
IsWindowEnabled
GetWindowTextA
SetScrollRange
SetScrollPos
MessageBoxA
UnregisterClassA
FrameRect
GetSubMenu

advapi32

GetLengthSid
CheckTokenMembership
AddAccessAllowedAce
GetSecurityDescriptorDacl
OpenServiceA
RegOpenKeyExA
RegDeleteValueW
OpenSCManagerA
CryptReleaseContext
OpenSCManagerW
RegCreateKeyExA

gdi32

StrokePath
AbortDoc
GetNearestPaletteIndex
CreateFontW
SetRectRgn
GetViewportOrgEx
EndPage
GetStockObject
GetCharWidthW
GetCurrentPositionEx
EnumFontFamiliesExW

comctl32

ImageList_Remove
InitCommonControlsEx
ImageList_DragEnter
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_SetImageCount
ImageList_DrawEx
CreatePropertySheetPageW
InitializeFlatSB
ImageList_Replace
ImageList_BeginDrag
DestroyPropertySheetPage
ImageList_LoadImageW
ImageList_GetImageCount
ImageList_SetOverlayImage
ImageList_Read

ole32

OleIsCurrentClipboard
StringFromGUID2
CLSIDFromProgID
CoRevokeClassObject
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
CoLoadLibrary
CoRegisterClassObject
RevokeDragDrop

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef72c8b0fc7fb9583f4196e995231b16

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

advapi32

gdi32

comctl32

ole32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 49KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 49KB

.rsrc
Size: 17KB - Virtual size: 17KB