21d608131cb93045ba1e0d81258afb04d7efb44520ea9aaf66a2ea4a8f341766

Sharing

Copy URL Twitter E-mail

General

Target

21d608131cb93045ba1e0d81258afb04d7efb44520ea9aaf66a2ea4a8f341766
Size

85KB
MD5

01fc40004089e7937009e7f9c9b834b6
SHA1

df0b38241222ba1de6ab0cedfa45e1d2c41bdbb1
SHA256

21d608131cb93045ba1e0d81258afb04d7efb44520ea9aaf66a2ea4a8f341766
SHA512

671a04ed3e28831362ff3d30105ea8139dbf5bc7a2ec5c5a5eb1fbeaf2d04141b182835061199772c1feb16819f5ed90a2a4e436403830766e37b348b3e06592
SSDEEP

1536:T+20hQAo7Gm64toQ5PaLOzrPr7Cbu8TBsfh/iemvP1UYh4xI1fq/7IUqk/80:TUhQA6xaivCbIVfmuYh4uScUqk/f

Score

N/A

Malware Config

Signatures

Files

21d608131cb93045ba1e0d81258afb04d7efb44520ea9aaf66a2ea4a8f341766
.exe windows x86

1e36c116a0d6cb3f0d017050c8c1b2d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memmove
calloc
_exit
fprintf
__p__commode
fputc
__set_app_type
wcslen
strlen
signal
_initterm
__getmainargs
fclose
exit
_except_handler3
free
_controlfp
__p__environ
__setusermatherr
_adjust_fdiv
_XcptFilter
__p___initenv
__p__fmode
atoi
strstr
strncmp

kernel32

GetSystemTime
GetConsoleMode
VirtualProtectEx
CompareStringA
GlobalLock
Sleep
GetProcessHeap
RaiseException
GetLastError
GetCommandLineW
GetPrivateProfileStringA
GetLocaleInfoW
CreateProcessW
lstrcmpiW
GetSystemInfo
GetProcAddress
GetShortPathNameA
lstrlenA
CompareStringW
WaitForSingleObject
GetModuleHandleW

ole32

PropVariantClear
CoReleaseMarshalData
IIDFromString
CoGetMalloc
CreateStreamOnHGlobal
ProgIDFromCLSID
StgCreateDocfileOnILockBytes
CoDisconnectObject
IsEqualGUID
OleFlushClipboard
DoDragDrop

gdi32

PlayMetaFileRecord
BeginPath
FrameRgn
SetBkMode
StrokeAndFillPath
ExtTextOutA
PlayMetaFile
SetPixel
GetClipRgn
EnumFontFamiliesA
SetDIBColorTable
SetRectRgn
SetMapMode
GetObjectA

comctl32

ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_SetDragCursorImage
PropertySheetA
ImageList_DrawEx
ImageList_Write
ImageList_LoadImageW
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_GetIcon
ImageList_SetIconSize
ImageList_Destroy
ImageList_GetIconSize
ImageList_Add
PropertySheetW

advapi32

OpenServiceW
RegCreateKeyA
CryptCreateHash
CryptHashData
DeregisterEventSource
RegEnumKeyA
SetSecurityDescriptorGroup
RegOpenKeyA

user32

SetRect
DrawEdge
EndPaint
WinHelpA
CallNextHookEx
InvalidateRect
GetSystemMenu
UpdateWindow
DestroyWindow
GetWindowRect
SetWindowTextA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e36c116a0d6cb3f0d017050c8c1b2d4

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

gdi32

comctl32

advapi32

user32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 63KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 63KB

.rsrc
Size: 3KB - Virtual size: 3KB