5ae3c77970f9e8227dfe77487d834a976a0022a8e8ba715651ac667853cfcbac

Sharing

Copy URL Twitter E-mail

General

Target

5ae3c77970f9e8227dfe77487d834a976a0022a8e8ba715651ac667853cfcbac
Size

224KB
MD5

6c01bed89478e9acf00b37a6eebb60c1
SHA1

a2c2f57ca55bdf63068bd44cfcb20a81514704c4
SHA256

5ae3c77970f9e8227dfe77487d834a976a0022a8e8ba715651ac667853cfcbac
SHA512

382f3f87094a8ef1079c299fd5cf3a26a9b2547a53989a8282e66340dedd48c3545a7f3c288b3a90ffab40baeae0e8f54c7a325b38c99195b71bcee1a66722e9
SSDEEP

3072:wnUl6PgO0LVRM7m4iufumot9A2/4Uuqce9pYUwD0Vnf/e2Wor:wUlagVTDEfumoncOpYUs0VH

Score

N/A

Malware Config

Signatures

Files

5ae3c77970f9e8227dfe77487d834a976a0022a8e8ba715651ac667853cfcbac
.exe windows x86

2947097aeb7fee3f7b343cb54ffe0975

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconW
SHGetDiskFreeSpaceA
DragQueryFileA

user32

CallWindowProcA
BeginPaint
IsDlgButtonChecked
GetWindowTextLengthA
CharLowerA
CallNextHookEx
GetMenu

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ChooseColorA
FindTextA

kernel32

lstrcpyA
GetCurrentProcessId
FindFirstFileA
EnumCalendarInfoA
GetLastError
GetDateFormatA
DeleteCriticalSection
GetStringTypeA
GetModuleHandleA
WideCharToMultiByte
FindClose
GlobalAlloc
InitializeCriticalSection
GetFileType
SetLastError
lstrcpynA
ExitProcess
VirtualFree
GetVersion
GetStringTypeW
lstrlenA
GetFullPathNameA
DeleteFileA
WaitForSingleObject
GlobalFindAtomA
GetCurrentProcess
LocalFree
GetCurrentThread
VirtualAlloc
GetCurrentThreadId
IsBadHugeReadPtr
CompareStringA
WriteFile
LocalAlloc
GetModuleFileNameA
GetCommandLineW
CreateThread
VirtualAllocEx
FreeLibrary
GetOEMCP
GetDiskFreeSpaceA
SetEndOfFile
ExitThread
GetUserDefaultLCID
LoadLibraryA
CloseHandle
lstrlenW
IsBadReadPtr
MoveFileExA
Sleep
HeapFree
lstrcmpA
GlobalDeleteAtom
LocalReAlloc

Exports

Exports

ktVWGu

Sections

CODE
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.apdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2947097aeb7fee3f7b343cb54ffe0975

Headers

File Characteristics

Imports

shell32

user32

comdlg32

kernel32

Exports

Exports

Sections

CODE Size: 201KB - Virtual size: 200KB

DATA Size: 8KB - Virtual size: 35KB

.apdata Size: 9KB - Virtual size: 9KB

.idata Size: 2KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 72B

.rsrc Size: 1KB - Virtual size: 1KB

CODE
Size: 201KB - Virtual size: 200KB

DATA
Size: 8KB - Virtual size: 35KB

.apdata
Size: 9KB - Virtual size: 9KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 72B

.rsrc
Size: 1KB - Virtual size: 1KB