96f5690faf258c720c4d4a5c7610282c3b8976e3185f512791924d8f319cff18

General

Target

96f5690faf258c720c4d4a5c7610282c3b8976e3185f512791924d8f319cff18
Size

157KB
MD5

6e89c022f58c62d43e1ac4fb05b1452f
SHA1

7f20d8e60e974fa304a8e969a2292241cfe10739
SHA256

96f5690faf258c720c4d4a5c7610282c3b8976e3185f512791924d8f319cff18
SHA512

79d29d2d0502a6fba2799ff6afc95d44555ecb82997dc5c48235cdf1a746b80e12a5170cafcc7e3911fb7d2dfd48c47e37371df3d56f44d07070c1f31c233c61
SSDEEP

3072:CWg04/jRlWgzOk/IAmbYifoDRUflOza7PHkvfWQqQhHE5ysuJu3nETE:1g7/lcgaeuAdU9CGPkvecx9TE

Score

N/A

Malware Config

Signatures

Files

96f5690faf258c720c4d4a5c7610282c3b8976e3185f512791924d8f319cff18
.exe windows x86

2c20cc8b6bdcee90e4780931e39072f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shlwapi

SHDeleteEmptyKeyW
ord195
UrlUnescapeA
SHDeleteKeyW
PathRemoveBackslashW

ole32

CLSIDFromProgID
CoInitialize

kernel32

GetVersionExW
GetVersionExA
WideCharToMultiByte
GetCommandLineA
GetModuleHandleA
GetEnvironmentVariableW
OutputDebugStringW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GlobalFree
WaitForMultipleObjects
CreateEventA
GetCurrentProcess
GetVolumeInformationA
GetDriveTypeW
VirtualAlloc
VirtualFree
CreateFileW
ReadFile
WriteFile
GetCurrentProcessId
GetModuleFileNameW
GetSystemTime
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
ResumeThread
CreateThread
TerminateThread
IsDBCSLeadByteEx
GetStringTypeA
HeapReAlloc
GetStringTypeA
GetCPInfo

user32

MessageBeep
GetWindowLongA
SendMessageA
GetDlgItem
MessageBoxW

gdiplus

GdiplusShutdown
GdiplusStartup

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey

shell32

SHGetFolderPathW

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 230B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c20cc8b6bdcee90e4780931e39072f2

Headers

File Characteristics

Imports

shlwapi

ole32

kernel32

user32

gdiplus

advapi32

shell32

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 23KB

.reloc Size: 512B - Virtual size: 230B

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 23KB

.reloc
Size: 512B - Virtual size: 230B