51e079c90f28cb2bbca12fe007c9ef377b0b94710105590984c2cb6939ad5b63

Sharing

Copy URL

Twitter E-mail

General

Target

51e079c90f28cb2bbca12fe007c9ef377b0b94710105590984c2cb6939ad5b63
Size

58KB
MD5

33f778e4f55f8eef56e1bf0ef15d2430
SHA1

932724359c2174f5252df0476fafee65a6fc8168
SHA256

51e079c90f28cb2bbca12fe007c9ef377b0b94710105590984c2cb6939ad5b63
SHA512

b8db071ff1e2f3493b77ba6e08d4ff227c7df00f14ec266028accc0d2354c7333903969e4570ae7dcd96047e8e24ba69a2931300b14b334f38f435711a92e505
SSDEEP

1536:MuiheZ9QwOnTHk1I+XSo1ExnDRpth3CoKzllH:MuieZ6Dkhi4ElDRptJCoel

Score

N/A

Malware Config

Signatures

Files

51e079c90f28cb2bbca12fe007c9ef377b0b94710105590984c2cb6939ad5b63
.exe windows x86

272cf05e7f62869dc5285d3f3047105f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorA
SetClipboardData
TranslateMessage
LoadIconA
CreateWindowExA

urlmon

RegisterMediaTypes
RevokeFormatEnumerator
CreateURLMoniker
CreateFormatEnumerator

kernel32

GetCommandLineA
LCMapStringW
LCMapStringA
VirtualLock
VirtualQueryEx
HeapAlloc
HeapCreate
IsValidLocale
GetCPInfoExA
VirtualFree
OpenSemaphoreA
LeaveCriticalSection
IsValidCodePage
PulseEvent
GetModuleHandleA
GetProcAddress
VirtualAlloc
GetStringTypeW
GetStringTypeA
ReadFile
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
SetStdHandle
CreateFileA
CloseHandle
RtlUnwind
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapFree
GetLastError
GetFullPathNameA
GetStartupInfoA
GetVersion
ExitProcess
EnterCriticalSection
WriteFile
HeapDestroy
InitializeCriticalSection
DeleteCriticalSection
HeapReAlloc
GetCurrentDirectoryA
GetDriveTypeA
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
FlushFileBuffers
TerminateProcess
GetCurrentProcess

wtsapi32

WTSOpenServerA
WTSCloseServer
WTSEnumerateSessionsA
WTSEnumerateProcessesA

uxtheme

GetThemeTextExtent
IsAppThemed
GetThemeSysSize
DrawThemeBackground
EnableTheming
GetThemeSysColor
GetThemeMargins
GetThemeInt
GetThemeRect
SetWindowTheme
GetThemePropertyOrigin
ord47

usp10

ScriptStringValidate
ScriptStringAnalyse
ScriptApplyLogicalWidth
ScriptStringXtoCP
ScriptPlace
ScriptCacheGetHeight
ScriptGetLogicalWidths
ScriptJustify
ScriptGetFontProperties
ScriptShape
ScriptString_pSize

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ahmt
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

272cf05e7f62869dc5285d3f3047105f

Headers

File Characteristics

Imports

user32

urlmon

kernel32

wtsapi32

uxtheme

usp10

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 37KB

.ahmt Size: 16KB - Virtual size: 15KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 37KB

.ahmt
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 512B - Virtual size: 16B