cefb874262698e90ad7dbc8b50299c50d9ce8a8a2588bf9a7222cab73fa7796c

Sharing

Copy URL

Twitter E-mail

General

Target

cefb874262698e90ad7dbc8b50299c50d9ce8a8a2588bf9a7222cab73fa7796c
Size

89KB
MD5

61f74a7acbfdf19a8d71ed7f755bacf5
SHA1

743349c0b9538f1dcf90a34a5ac0fb4c62ef6e90
SHA256

cefb874262698e90ad7dbc8b50299c50d9ce8a8a2588bf9a7222cab73fa7796c
SHA512

209fe6d7de39649d9832676e3e497d3476a60203bb4b301c6d72c2a3aeb714313ff30c79bce10ef165ebe14a01479c3e6015534032cb2c3e35aeff736751abde
SSDEEP

1536:ePRNVP7PDSANdnq2OQ6u0j2LWrk5qD4sFfmQz2V2AWYbOT+4:UTTPDSAPnq2A7ikpZsrWYbg

Score

N/A

Malware Config

Signatures

Files

cefb874262698e90ad7dbc8b50299c50d9ce8a8a2588bf9a7222cab73fa7796c
.exe windows x86

513178c671b6c3c7ae259929b5f64258

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
GetModuleHandleW
GetFileAttributesA
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetLocaleInfoA
GetModuleFileNameA
ExitProcess
GetCommandLineW
GetFileTime
LocalFree
GetProcAddress
SetFilePointer
GetProcessHeap
GetShortPathNameA
GetStdHandle
FreeEnvironmentStringsA

msvcrt

free
_initterm
__p__environ
fread
fputs
_exit
fwrite
sprintf
__dllonexit
_XcptFilter
strstr
__getmainargs
__p__commode
__p__fmode
__setusermatherr
atexit
_write
_strnicmp
calloc
strchr
getenv
_adjust_fdiv
_vsnprintf
__set_app_type
_except_handler3
__p___initenv
_controlfp
_errno

comctl32

ImageList_EndDrag
InitCommonControls
ImageList_DragShowNolock
ImageList_SetImageCount
ImageList_Write
ImageList_Read
ImageList_SetOverlayImage
ImageList_DragLeave
ImageList_DragEnter
ImageList_LoadImageW

user32

GetMenuStringA
InsertMenuA
SetScrollInfo
MessageBeep
IsChild
FillRect
DrawTextA
InsertMenuItemA
EnumThreadWindows
GetCursorPos
LoadStringA
SetCursor
wsprintfA
WaitMessage
BeginPaint
SetClipboardData
IsWindowVisible
RegisterWindowMessageA

ole32

GetRunningObjectTable
CoUninitialize
CLSIDFromProgID
ProgIDFromCLSID
CoDisconnectObject
StgCreateDocfileOnILockBytes
CoSetProxyBlanket
CoGetMalloc
CoFreeUnusedLibraries
CoCreateGuid
IsEqualGUID
OleIsCurrentClipboard

gdi32

CopyMetaFileA
SetDIBitsToDevice
CloseEnhMetaFile
RemoveFontResourceA
DeleteDC
OffsetViewportOrgEx
CombineRgn
CreateBrushIndirect
CreateHatchBrush
PtInRegion
CopyEnhMetaFileA
CreateDIBSection
SetStretchBltMode
GetTextMetricsA
GetNearestPaletteIndex

advapi32

RegCreateKeyExA
RegEnumValueA
CloseServiceHandle
RegEnumKeyW
CryptAcquireContextA
RegOpenKeyExW
RegDeleteKeyW
GetSecurityDescriptorDacl
InitializeAcl
OpenSCManagerW
LookupPrivilegeValueA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

513178c671b6c3c7ae259929b5f64258

Headers

File Characteristics

Imports

kernel32

msvcrt

comctl32

user32

ole32

gdi32

advapi32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 60KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 60KB

.rsrc
Size: 7KB - Virtual size: 7KB