e971e46da1e1545cff1224bed3661188ec4e637957608148892214488c965c08

Sharing

Copy URL

Twitter E-mail

General

Target

e971e46da1e1545cff1224bed3661188ec4e637957608148892214488c965c08
Size

227KB
MD5

741b88435e00aeaabd07db3eea02241f
SHA1

b06bf92fc54e2725218d21b11b43d0baf708cba2
SHA256

e971e46da1e1545cff1224bed3661188ec4e637957608148892214488c965c08
SHA512

200ded88563763431e4677bb0b1807803bf99c56425bdb3fefd59acaa31be2417ffe299159ba6a6a84db2a3b9f25774facae24fe00afeb1b1e619b05597b028a
SSDEEP

6144:DgGdKtGiFdcPv1d2W6Jk+YGRPGSD4mnfOdxL/spE2W:USi39Jk+5RPHnOLsK2W

Score

N/A

Malware Config

Signatures

Files

e971e46da1e1545cff1224bed3661188ec4e637957608148892214488c965c08
.exe windows x86

af45b2c27905c85ae9e5238112ac352e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
LocalAlloc
GlobalDeleteAtom
ReplaceFileW
GetMailslotInfo
GetVolumeInformationW
GetTimeFormatW
GetModuleHandleW
GetCalendarInfoW
CreateEventW
EndUpdateResourceW
ExpandEnvironmentStringsA
GetExpandedNameA
CompareStringW
OpenSemaphoreW
MoveFileW
OpenFile
Sleep
GetWindowsDirectoryA
FatalAppExitW
GetProcAddress
SetLastError
GlobalAlloc
GetExitCodeProcess
QueryPerformanceFrequency
GetThreadLocale
CreateFileMappingW
GetPriorityClass
GlobalGetAtomNameW
lstrcat
lstrcpynW
FreeLibrary
GetSystemTime
CompareStringA
LoadLibraryA
OpenEventA
ExitThread
lstrlenA
SetThreadPriority
ConnectNamedPipe
GetLocalTime
IsDebuggerPresent
lstrlenW
CreateMutexA
OpenEventW
lstrcmpi

user32

GetDC
GetDC
SendMessageW
LoadMenuA
CallWindowProcA
AdjustWindowRect
SetCapture
GetClassLongW
InsertMenuA
DialogBoxIndirectParamA
GetWindowTextA
GetMenu
MonitorFromWindow
DefDlgProcA
ShowWindow
CheckMenuItem
GetActiveWindow
wvsprintfW
GetWindowTextLengthW
ShowCaret
GetClassNameW
SendDlgItemMessageW
GetWindowTextLengthA
GetClassInfoA
CopyIcon
CloseWindow
GetDlgItem
IsCharUpperA

gdi32

GetMetaFileW
UnrealizeObject
EqualRgn
GdiGetBatchLimit
GetEnhMetaFileDescriptionW
SetPixelFormat
SetDCPenColor
SetRectRgn
SetMetaRgn
DrawEscape
InvertRgn
SetColorSpace
DeleteObject
EnumFontsA
GetMapMode
SetViewportOrgEx
GetOutlineTextMetricsA

advapi32

RegEnumValueA
RegCreateKeyW
RegQueryValueW
RegCreateKeyExA
RegQueryInfoKeyW
RegSaveKeyA
RegOpenKeyExW

shlwapi

UrlCompareW
PathCompactPathExA
SHAutoComplete
AssocQueryStringByKeyA
DllGetVersion
PathRemoveArgsA
StrNCatA
SHRegGetBoolUSValueA
HashData
PathMakeSystemFolderW
PathSkipRootA
PathAddBackslashW
StrFormatByteSizeA
StrRStrIW

winmm

mixerGetLineControlsW
midiStreamPosition
waveOutGetErrorTextA
mciGetDeviceIDA
mmioSendMessage
waveOutGetPosition
tid32Message
mciSendCommandA
mmioClose
waveOutGetNumDevs

sqlunirl

_LoadBitmap@8
_RegUnLoadKey_@8
_PolyTextOut_@12
_lstrcpy_@8
_DlgDirList_@20
_WriteConsoleInput_@16
_PeekMessage@20
_CreateMDIWindow_@40
_GetSystemDirectory_@8
_SetFileAttributes_@8
_SetICMProfile_@8
_NDdeGetErrorString_@12
_CompareString_@24

Sections

.Cupa
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xaS
Size: 3KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FTD
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OT
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.PGFqsp
Size: 4KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.T
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NrDF
Size: 5KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.J
Size: 512B - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JJ
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af45b2c27905c85ae9e5238112ac352e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

winmm

sqlunirl

Sections

.Cupa Size: 7KB - Virtual size: 7KB

.xaS Size: 3KB - Virtual size: 220KB

.FTD Size: 84KB - Virtual size: 83KB

.OT Size: 14KB - Virtual size: 14KB

.PGFqsp Size: 4KB - Virtual size: 138KB

.T Size: 4KB - Virtual size: 18KB

.NrDF Size: 5KB - Virtual size: 166KB

.J Size: 512B - Virtual size: 435KB

.JJ Size: 83KB - Virtual size: 83KB

.data Size: 11KB - Virtual size: 29KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 1024B

.Cupa
Size: 7KB - Virtual size: 7KB

.xaS
Size: 3KB - Virtual size: 220KB

.FTD
Size: 84KB - Virtual size: 83KB

.OT
Size: 14KB - Virtual size: 14KB

.PGFqsp
Size: 4KB - Virtual size: 138KB

.T
Size: 4KB - Virtual size: 18KB

.NrDF
Size: 5KB - Virtual size: 166KB

.J
Size: 512B - Virtual size: 435KB

.JJ
Size: 83KB - Virtual size: 83KB

.data
Size: 11KB - Virtual size: 29KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 1024B