694f1beb0698ef4f76f5c8cea3042533a7c2005e7679f5195f5bdb4a72a151a2

Sharing

Copy URL Twitter E-mail

General

Target

694f1beb0698ef4f76f5c8cea3042533a7c2005e7679f5195f5bdb4a72a151a2
Size

57KB
MD5

6665173a8fbe4e06cb20c6b7cdf3f450
SHA1

868b9effba2f81e545ed89053cad572cb6fe5e58
SHA256

694f1beb0698ef4f76f5c8cea3042533a7c2005e7679f5195f5bdb4a72a151a2
SHA512

af8cb25a8028ea5e886cf863c5db5fe03ca6ac3bc5954862e263f78f512d2bb1185cbe28e94525b66cdf07cc925173c28965b554b4d4b184db962dff34c72279
SSDEEP

1536:7c+gdLv5ETz8OhKoEjXQspbK0o9zPbJZIvDEr9:eDKEjPpO0o9jF

Score

N/A

Malware Config

Signatures

Files

694f1beb0698ef4f76f5c8cea3042533a7c2005e7679f5195f5bdb4a72a151a2
.exe windows x86

f730978001de23973a12a670cf00de70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenClipboard
SetClipboardData
CreateWindowExA
GetClipboardData
LoadCursorA
LoadIconA
DispatchMessageA

urlmon

CreateFormatEnumerator
RegisterFormatEnumerator
RegisterMediaTypes

kernel32

GetStringTypeW
GetStringTypeA
GetCPInfo
HeapCreate
WaitForSingleObject
WideCharToMultiByte
SetThreadLocale
GetSystemDefaultLCID
CompareStringA
GetCPInfoExA
LocalHandle
HeapDestroy
OpenSemaphoreA
GlobalUnlock
GetACP
GetModuleHandleA
GetProcAddress
VirtualAlloc
HeapReAlloc
GetLastError
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
LoadLibraryA
GetOEMCP
InterlockedIncrement
InterlockedDecrement
FlushFileBuffers
SetStdHandle
CreateFileA
CloseHandle
RtlUnwind
VirtualFree
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetFullPathNameA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
EnterCriticalSection
LeaveCriticalSection
WriteFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentDirectoryA
GetDriveTypeA
HeapFree
HeapAlloc
InitializeCriticalSection
ReadFile

activeds

ord13

wtsapi32

WTSOpenServerA
WTSEnumerateServersA
WTSEnumerateProcessesA
WTSEnumerateSessionsA

uxtheme

GetThemeSysColor
GetThemeFilename
GetThemeInt
GetThemeMargins
GetThemeSysInt
GetCurrentThemeName
GetThemeSysBool
GetThemeSysSize
GetThemeEnumValue
ord47
GetWindowTheme
GetThemeBool
EnableThemeDialogTexture

usp10

ScriptItemize
ScriptShape
ScriptCacheGetHeight
ScriptStringAnalyse
ScriptString_pcOutChars
ScriptStringXtoCP
ScriptStringValidate
ScriptGetGlyphABCWidth
ScriptCPtoX
ScriptJustify
ScriptStringOut
ScriptStringCPtoX

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nijrph
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f730978001de23973a12a670cf00de70

Headers

File Characteristics

Imports

user32

urlmon

kernel32

activeds

wtsapi32

uxtheme

usp10

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 46KB

.nijrph Size: 19KB - Virtual size: 18KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 46KB

.nijrph
Size: 19KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 16B