113e36c32389191bee137811f1153a54a55600d598b935c725c5092fa7998883

Sharing

Copy URL Twitter E-mail

General

Target

113e36c32389191bee137811f1153a54a55600d598b935c725c5092fa7998883
Size

228KB
MD5

00d2883be45f3b7c6fc4ecc6169d785e
SHA1

c058c4d33ba1f0ad9ca5fd2dffad6512b639f6ed
SHA256

113e36c32389191bee137811f1153a54a55600d598b935c725c5092fa7998883
SHA512

85c7b621874205979a6be73718bc53c9924f2ad87e93d80e708e686bd4c84ecf76c7ef60cd61301f59fc1c2cb75b891b47547d0ebc920d51113018dc597ceb1d
SSDEEP

6144:/1WaQm5kWs1wqVo2ClRAS+YWnKM83Cwmiy:DR5ymqVo2C0S+YsKLyXV

Score

N/A

Malware Config

Signatures

Files

113e36c32389191bee137811f1153a54a55600d598b935c725c5092fa7998883
.exe windows x86

fcbd1d5302b253d0ace4300ad048e030

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_initterm
remove
__p__fmode
strcpy
malloc
fclose
atoi
abort
fprintf
__getmainargs
fwrite
strchr
_adjust_fdiv
_except_handler3
free
fread
_exit
memcpy
__p__environ
_XcptFilter
exit
_acmdln
__setusermatherr
strlen
printf
__p__commode
fseek
__set_app_type
_setmode
_snprintf
memmove
fopen
strcmp
_onexit
strrchr

kernel32

GetCPInfo
GetProcAddress
CreateProcessW
GetStdHandle
SystemTimeToFileTime
GetModuleHandleW
GetStringTypeA
LoadLibraryA
LocalFileTimeToFileTime

ole32

StringFromIID
StringFromCLSID
CoLoadLibrary
CreateILockBytesOnHGlobal
CreateBindCtx
CoInitializeEx
OleUninitialize
CoGetMalloc
OleIsCurrentClipboard

gdi32

CloseMetaFile
CreateEllipticRgn
StartDocA
MaskBlt
Chord
CreateICW
GetROP2
EnumFontFamiliesExW
GetStockObject
GetTextExtentPointA
EnumFontFamiliesExA
AbortDoc
DeleteMetaFile

user32

GetClassInfoA
GetForegroundWindow
GetFocus
SetClassLongA
GetDCEx
GetDC
GetMenuState
WaitMessage
GetWindowPlacement

shell32

ExtractIconExA
SHGetFolderPathW
SHAddToRecentDocs
SHGetSpecialFolderPathW
DragQueryFileA
SHGetSettings
SHGetFileInfoA
DragFinish
DragQueryFile
ShellExecuteA
SHGetMalloc
SHChangeNotify
SHFileOperationA

advapi32

RegQueryValueExW
CryptAcquireContextA
RegEnumKeyW
OpenSCManagerA
CryptReleaseContext
RegDeleteValueA
EqualSid

oleaut32

SafeArrayCreate
SafeArrayRedim
SysFreeString
SysStringByteLen
SysReAllocStringLen
SysStringLen
VariantInit
VariantCopyInd
GetActiveObject
SafeArrayGetUBound

comctl32

ImageList_Remove
PropertySheetA
InitCommonControls
ImageList_Replace
PropertySheetW
CreatePropertySheetPageA
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_SetIconSize

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcbd1d5302b253d0ace4300ad048e030

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

gdi32

user32

shell32

advapi32

oleaut32

comctl32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 50KB - Virtual size: 60KB

.rsrc Size: 63KB - Virtual size: 62KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 50KB - Virtual size: 60KB

.rsrc
Size: 63KB - Virtual size: 62KB