fa112c96c18555092b967c686da21b04210c3009e3c6e3f4315ebac2b21bc5c8

Sharing

Copy URL Twitter E-mail

General

Target

fa112c96c18555092b967c686da21b04210c3009e3c6e3f4315ebac2b21bc5c8
Size

68KB
MD5

360b8f95241e76eb00b5167abff39dfe
SHA1

978ee0d10a9e0e1e1f2104aa235eacc5ef9e97ba
SHA256

fa112c96c18555092b967c686da21b04210c3009e3c6e3f4315ebac2b21bc5c8
SHA512

aacde3db9c1cd1983437c1258b3d02843f2d67dceb41810c803b8db2a062c695928e4634a5fa41682116a71816340aaed6cd2bcc11c2e646cf636f672380ea25
SSDEEP

1536:KuqXrbxZEtC+30vNeQyJ7mq799dYvcTGR/86wVlzQ6:FqXrb7WCcjZ9ZbYVtnAzn

Score

N/A

Malware Config

Signatures

Files

fa112c96c18555092b967c686da21b04210c3009e3c6e3f4315ebac2b21bc5c8
.exe windows x86

2b6884a07c47e822425a855127db9107

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetDriveTypeA
GetSystemTime
GetNumberFormatA
GetDateFormatA
GlobalLock
GlobalAlloc
GetVersionExA
GetFullPathNameA
GetStringTypeA
GetThreadLocale
lstrcmpiW
ExitProcess
VirtualProtectEx
CompareStringW
SetThreadLocale
GlobalUnlock

msvcrt

_errno
_exit
_controlfp
_adjust_fdiv
__getmainargs
_initterm
__p__commode
memset
strrchr
calloc
_snprintf
__setusermatherr
sprintf
_except_handler3
__p__fmode
sqrt
__set_app_type
fputc
__p___initenv
wcslen
free
_XcptFilter
fclose

comdlg32

GetOpenFileNameA

user32

EnumThreadWindows
SetClipboardData
DrawEdge
BeginPaint
MessageBoxA
SetDlgItemTextA
GetLastActivePopup
EndPaint
IsDialogMessageA
GetScrollPos
WinHelpA
GetMenuItemID
RedrawWindow

ole32

ProgIDFromCLSID
OleGetClipboard
CoCreateGuid
CoRegisterClassObject
IsEqualGUID
RegisterDragDrop
StgCreateDocfileOnILockBytes
OleFlushClipboard
CoFreeUnusedLibraries
StgOpenStorage
ReleaseStgMedium
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoSetProxyBlanket
CLSIDFromString
CreateStreamOnHGlobal
OleInitialize

comctl32

ImageList_Remove
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_Write
ImageList_Destroy
ImageList_Replace
ImageList_GetImageCount
ImageList_SetIconSize

advapi32

OpenSCManagerW
SetSecurityDescriptorOwner
EqualSid
CryptDestroyHash
RegSetValueExW
SetSecurityDescriptorGroup
RegCreateKeyA
RegDeleteValueA
RegQueryValueA
RegSetValueExA
OpenProcessToken
SetSecurityDescriptorDacl
RegOpenKeyExA
CloseServiceHandle

gdi32

GetNearestPaletteIndex
GetCurrentObject
SelectObject
CopyMetaFileA
GetObjectType
GetStockObject
SetViewportExtEx
CopyEnhMetaFileA
CreateCompatibleBitmap
OffsetWindowOrgEx
GetMapMode
AbortDoc
GetBrushOrgEx
CreateEllipticRgn
ExtCreateRegion
MaskBlt

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b6884a07c47e822425a855127db9107

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

ole32

comctl32

advapi32

gdi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 45KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 45KB

.rsrc
Size: 20KB - Virtual size: 19KB