5a3854ad9aaef1a9a359292e82cc491b7ed9f2f109e89e4a8d7a63440ed9e2e5

Sharing

Copy URL Twitter E-mail

General

Target

5a3854ad9aaef1a9a359292e82cc491b7ed9f2f109e89e4a8d7a63440ed9e2e5
Size

157KB
MD5

483a9f7fe9610673a6701502f9b693c6
SHA1

a07e609a0b813257f11ef2d829a78029254d02fe
SHA256

5a3854ad9aaef1a9a359292e82cc491b7ed9f2f109e89e4a8d7a63440ed9e2e5
SHA512

297a7f65ebedc2d5481cf4e2f067cfd954c4c166baeddf7e41300dbe5ee65fed8357da6ec0b9cf4faaffbe9595c7ab1b4b4350c58863852d4d88e073d90085ec
SSDEEP

3072:7aDqNIXUJXZadTWoSUfgHhf4jbp/rVzrQNDxUm:kmIX4ZwGFebp5PWU

Score

N/A

Malware Config

Signatures

Files

5a3854ad9aaef1a9a359292e82cc491b7ed9f2f109e89e4a8d7a63440ed9e2e5
.exe windows x86

aa77253508c3d109d445471f0d2bf512

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetFilePointer
GetACP
LocalAlloc
GetLocaleInfoW
GetCommandLineW
GetStartupInfoA
GetModuleHandleA
GetConsoleOutputCP
lstrcatA
WaitForMultipleObjects
VirtualProtect
FileTimeToLocalFileTime
GetStringTypeA

msvcrt

_except_handler3
_acmdln
atexit
strcat
_ftol
__p__fmode
_lock
exit
_XcptFilter
__mb_cur_max
_adjust_fdiv
_initterm
log
__setusermatherr
fsetpos
getenv
__getmainargs
sqrt
calloc
__set_app_type
_mbscmp
ftell
__p__commode
_wtol

user32

LoadCursorA
GetWindowPlacement
GetLastActivePopup
LoadBitmapA
DestroyMenu
SendDlgItemMessageA
ReleaseCapture
GetCursorPos
LoadStringA

oleaut32

SysStringByteLen
SafeArrayPtrOfIndex
SysStringLen
LoadTypeLib
SysReAllocStringLen
VariantCopy
VariantClear
SysFreeString

advapi32

RegFlushKey
QueryServiceStatus
InitiateSystemShutdownA
LookupPrivilegeValueA
RegDeleteValueA
FreeSid
LookupPrivilegeValueW
RegEnumKeyA

comctl32

ImageList_Read
ImageList_Remove
ImageList_DrawEx
ImageList_GetIcon
CreatePropertySheetPageA
ImageList_BeginDrag
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_Create

gdi32

CopyMetaFileA
GetNearestPaletteIndex
CreateBrushIndirect
GetTextExtentPoint32W
EnumFontsA
GetObjectA

ole32

ProgIDFromCLSID
OleRun
CoInitialize
CoSetProxyBlanket
GetRunningObjectTable
OleInitialize
CLSIDFromString

shell32

DragFinish
SHChangeNotify
SHGetPathFromIDList
SHBindToParent
Shell_NotifyIconA

version

VerFindFileW
GetFileVersionInfoA
GetFileVersionInfoW
VerInstallFileA
VerQueryValueA
GetFileVersionInfoSizeW
VerInstallFileW
VerQueryValueW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fuyahvl
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa77253508c3d109d445471f0d2bf512

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

advapi32

comctl32

gdi32

ole32

shell32

version

Sections

.text Size: 64KB - Virtual size: 63KB

.data Size: 49KB - Virtual size: 48KB

.rsrc Size: 43KB - Virtual size: 45KB

fuyahvl Size: - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 63KB

.data
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 43KB - Virtual size: 45KB

fuyahvl
Size: - Virtual size: 4KB