e3257067ba0d4b881f7bf47ae63770cd6f11409ac07da07a7bd433aa9ac679f6

Sharing

Copy URL

Twitter E-mail

General

Target

e3257067ba0d4b881f7bf47ae63770cd6f11409ac07da07a7bd433aa9ac679f6
Size

86KB
MD5

6158b1567ff99b9837b682c327f1aca1
SHA1

ae85b0a519ebc7177b957612fe730f925f517c1a
SHA256

e3257067ba0d4b881f7bf47ae63770cd6f11409ac07da07a7bd433aa9ac679f6
SHA512

79d9d9589c8f30299f618af65aad0d09a0b5feb61dd4a155e79666e1550ade22fc58d31e700a041e28e0ab5a4692d22529bc41374813af77670068027cb1e8b4
SSDEEP

1536:GmfaAa9kMhYP8Kl0F0Bvyk04fJ0tOH74ZIQHYlsTwdP70QNaCdX8tAswRQUR6MqS:XfaAa9DYy05yk04fHEZhY6TPQ8t0QUFF

Score

N/A

Malware Config

Signatures

Files

e3257067ba0d4b881f7bf47ae63770cd6f11409ac07da07a7bd433aa9ac679f6
.exe windows x86

c441a272d7d0f52e970e0706b8f477cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
GetUserDefaultLCID
MulDiv
GetLastError
GetProcAddress
IsDebuggerPresent
GetEnvironmentStringsW
GetProcessHeap
GetStringTypeA
OpenProcess
GetCommandLineW
VirtualProtectEx
QueryPerformanceCounter
GetModuleHandleW
IsBadReadPtr
FreeEnvironmentStringsA
WritePrivateProfileStringA

msvcrt

_initterm
_XcptFilter
_adjust_fdiv
__p__fmode
_except_handler3
strncpy
_vsnprintf
__p__commode
__getmainargs
__setusermatherr
realloc
free
getenv
_exit
strstr
strlen
_controlfp
__p___initenv
__set_app_type
sprintf
calloc
fputc

user32

InsertMenuItemA
GetSysColor
FillRect
CreatePopupMenu
IsWindowVisible
GetMenuState
EqualRect
SetWindowPlacement
DestroyMenu
GetActiveWindow
UnhookWindowsHookEx
SetWindowsHookExA
GetMenuStringA
MessageBoxA
GetClassInfoA
IsZoomed
InvalidateRect
PostQuitMessage

advapi32

GetSecurityDescriptorDacl
CryptReleaseContext
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyExA
RegQueryValueExW
LookupPrivilegeValueW
LookupPrivilegeValueA
CryptCreateHash
RegQueryInfoKeyW
OpenSCManagerA
RegSetValueExW
RegOpenKeyA
GetUserNameA
RegQueryValueExA

gdi32

CloseEnhMetaFile
GetNearestPaletteIndex
StretchBlt
TextOutW
SetTextAlign
GetViewportOrgEx
DeleteDC

ole32

CreateBindCtx
ReleaseStgMedium
OleInitialize
CoRegisterClassObject
StringFromCLSID
GetRunningObjectTable
StringFromGUID2
OleSetClipboard
CoTaskMemFree
CreateItemMoniker
ProgIDFromCLSID
CoRegisterMessageFilter
DoDragDrop

comctl32

ImageList_SetDragCursorImage
InitCommonControlsEx
ImageList_SetOverlayImage
CreateStatusWindowA
CreatePropertySheetPageA
ImageList_EndDrag
ImageList_SetBkColor
ImageList_Create
ImageList_GetImageCount
ImageList_DragLeave
ImageList_Draw
InitializeFlatSB
ImageList_DragEnter
PropertySheetW
ImageList_Remove
DestroyPropertySheetPage
ImageList_SetIconSize
ImageList_BeginDrag
ImageList_DrawEx

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c441a272d7d0f52e970e0706b8f477cd

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

gdi32

ole32

comctl32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 64KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 64KB

.rsrc
Size: 6KB - Virtual size: 6KB