3f5417592b504bc9abd74ff57f9aea11ef11ebb428b0ca5b5d47c7cf560ebbab

Sharing

Copy URL Twitter E-mail

General

Target

3f5417592b504bc9abd74ff57f9aea11ef11ebb428b0ca5b5d47c7cf560ebbab
Size

57KB
MD5

65d3f691af1f63c532e6e17b998d5f20
SHA1

35cf1a837459d3b216c1559061430bf8749d0f62
SHA256

3f5417592b504bc9abd74ff57f9aea11ef11ebb428b0ca5b5d47c7cf560ebbab
SHA512

c671d94dc59dfbc22bbd32cd9b0fd3a5aa4bbd3b591176c39d5273c83936474827c1989abde73ba64c7cd08549a760fdd066c42bbc36cec790e6f40178f0c9de
SSDEEP

1536:nc+gdLv5ETz8OhKoEjXQspbK0o9zPbJZIvDEr9:6DKEjPpO0o9jF

Score

N/A

Malware Config

Signatures

Files

3f5417592b504bc9abd74ff57f9aea11ef11ebb428b0ca5b5d47c7cf560ebbab
.exe windows x86

f730978001de23973a12a670cf00de70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenClipboard
SetClipboardData
CreateWindowExA
GetClipboardData
LoadCursorA
LoadIconA
DispatchMessageA

urlmon

CreateFormatEnumerator
RegisterFormatEnumerator
RegisterMediaTypes

kernel32

GetStringTypeW
GetStringTypeA
GetCPInfo
HeapCreate
WaitForSingleObject
WideCharToMultiByte
SetThreadLocale
GetSystemDefaultLCID
CompareStringA
GetCPInfoExA
LocalHandle
HeapDestroy
OpenSemaphoreA
GlobalUnlock
GetACP
GetModuleHandleA
GetProcAddress
VirtualAlloc
HeapReAlloc
GetLastError
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
LoadLibraryA
GetOEMCP
InterlockedIncrement
InterlockedDecrement
FlushFileBuffers
SetStdHandle
CreateFileA
CloseHandle
RtlUnwind
VirtualFree
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetFullPathNameA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
EnterCriticalSection
LeaveCriticalSection
WriteFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentDirectoryA
GetDriveTypeA
HeapFree
HeapAlloc
InitializeCriticalSection
ReadFile

activeds

ord13

wtsapi32

WTSOpenServerA
WTSEnumerateServersA
WTSEnumerateProcessesA
WTSEnumerateSessionsA

uxtheme

GetThemeSysColor
GetThemeFilename
GetThemeInt
GetThemeMargins
GetThemeSysInt
GetCurrentThemeName
GetThemeSysBool
GetThemeSysSize
GetThemeEnumValue
ord47
GetWindowTheme
GetThemeBool
EnableThemeDialogTexture

usp10

ScriptItemize
ScriptShape
ScriptCacheGetHeight
ScriptStringAnalyse
ScriptString_pcOutChars
ScriptStringXtoCP
ScriptStringValidate
ScriptGetGlyphABCWidth
ScriptCPtoX
ScriptJustify
ScriptStringOut
ScriptStringCPtoX

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nijrph
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f730978001de23973a12a670cf00de70

Headers

File Characteristics

Imports

user32

urlmon

kernel32

activeds

wtsapi32

uxtheme

usp10

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 46KB

.nijrph Size: 19KB - Virtual size: 18KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 46KB

.nijrph
Size: 19KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 16B