ab3c32bc76054f562bdb658d6935e8075f93781c58145dba9a616a7cab674e1e

Sharing

Copy URL Twitter E-mail

General

Target

ab3c32bc76054f562bdb658d6935e8075f93781c58145dba9a616a7cab674e1e
Size

307KB
MD5

6813780fb0eabeaa82ad1e85ee311860
SHA1

611f94ffd102a5a381359809064f45c0ed79a0da
SHA256

ab3c32bc76054f562bdb658d6935e8075f93781c58145dba9a616a7cab674e1e
SHA512

7d312843072185b2b4b50095ee2b8ebceb6b7828e16510804ab47eac69b29b21fef2a19c5deda53ed11c1827e04b192f07330b016c6fd778c82abbe575c25b1b
SSDEEP

6144:nMdbHniiav4BnRcXjdQ7ZHHgYjKAB0HBC2pZr:kHikdRojdQ7REvCMZr

Score

N/A

Malware Config

Signatures

Files

ab3c32bc76054f562bdb658d6935e8075f93781c58145dba9a616a7cab674e1e
.exe windows x86

40ccda4501a153e0331761c1e960f0d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayLock
SafeArrayCreate
RegisterTypeLi
SafeArrayGetVartype
SysStringByteLen
VariantInit
LoadTypeLi
SysAllocString
GetErrorInfo
UnRegisterTypeLi
DispCallFunc
SysAllocStringByteLen
SysAllocStringLen
LoadRegTypeLi
SafeArrayRedim
SafeArrayUnlock
VarUI4FromStr
SafeArrayDestroy
SysStringLen
VariantCopyInd
SysFreeString
VariantCopy
SafeArrayGetLBound
VariantClear
SafeArrayGetUBound
SafeArrayCopy

kernel32

LoadLibraryExA
SetFileAttributesA
RaiseException
WaitForSingleObject
CreateMutexA
lstrcmpA
SetPriorityClass
CreateProcessA
GetACP
RemoveDirectoryA
CreateEventA
HeapFree
SizeofResource
SetProcessWorkingSetSize
CreateFileA
GetCurrentThreadId
OpenMutexA
WideCharToMultiByte
GetThreadLocale
HeapDestroy
LocalFree
ReleaseMutex
GetCommandLineA
FormatMessageA
FindClose
FindFirstFileA
CopyFileA
lstrcpyA
lstrlenW
CreateDirectoryA
lstrcpynA
FindNextFileA
GetModuleHandleA
HeapReAlloc
FindResourceA
LocalAlloc
GetSystemTimeAsFileTime
lstrcatA
HeapAlloc
lstrlenA
LoadResource
EnterCriticalSection
ResetEvent
FreeLibrary
OpenProcess
LockResource
IsDBCSLeadByte
FindResourceExA
lstrcmpiA
OpenEventA
CloseHandle
GetPriorityClass
CreateThread
OutputDebugStringA
GetUserDefaultLangID
GetProcessHeap
LeaveCriticalSection
DeleteFileA
WaitForMultipleObjects
GetTempPathA
DeleteCriticalSection
HeapSize
GetVersion
VirtualAllocEx

user32

LoadCursorA
CreateWindowExA
CharNextA
GetMessageA
RegisterClassA
PeekMessageA
RegisterWindowMessageA
PostThreadMessageA
MessageBoxA
DefWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
TranslateMessage
PostQuitMessage
LoadStringA

rpcrt4

RpcStringFreeA
UuidCreate
UuidToStringA

ole32

CoRevokeClassObject
CoTaskMemFree
CoTaskMemAlloc
CoMarshalInterThreadInterfaceInStream
CoInitializeSecurity
CoUninitialize
CoGetInterfaceAndReleaseStream
CoTaskMemRealloc
CoCreateInstance
OleRun
CoInitializeEx
CoRegisterClassObject
CLSIDFromString
CoInitialize
CLSIDFromProgID
StringFromGUID2

shlwapi

PathFileExistsA
PathFindExtensionA

comctl32

ImageList_LoadImageA
ImageList_SetBkColor
CreateToolbarEx
CreateStatusWindowW
ImageList_DragMove
CreateUpDownControl
UninitializeFlatSB

umdmxfrm

GetXformInfo

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 997KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40ccda4501a153e0331761c1e960f0d8

Headers

File Characteristics

Imports

oleaut32

kernel32

user32

rpcrt4

ole32

shlwapi

comctl32

umdmxfrm

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 281KB - Virtual size: 997KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 281KB - Virtual size: 997KB

.rsrc
Size: 2KB - Virtual size: 2KB