5bfef5243785766482f3fb07456aab80e365953f5d282697e2f6938f1b42dd25

Sharing

Copy URL Twitter E-mail

General

Target

5bfef5243785766482f3fb07456aab80e365953f5d282697e2f6938f1b42dd25
Size

48KB
MD5

04f1430c036f6af516f49e970b58602a
SHA1

59176db2cbabf9fe100f92be8bcd7af80bc7cd1c
SHA256

5bfef5243785766482f3fb07456aab80e365953f5d282697e2f6938f1b42dd25
SHA512

95809fffceefa93c05fbd0fa2e51b855cf68f4163c84a0b7ce4ec22864f791edbe747794f802cc323bf4566a5dafdc3fd19277d5f0adf422ba26a76a43eb790a
SSDEEP

768:X6UrhnAtpM1hmcj2G1etRdqHbr3zxSD+amVSL2:3rC8JktvQHkD+a2SL

Score

N/A

Malware Config

Signatures

Files

5bfef5243785766482f3fb07456aab80e365953f5d282697e2f6938f1b42dd25
.exe windows x86

617e1614972e7b88d5a5a42a1c48876e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalSize
GlobalUnlock
LoadLibraryExW
LoadResource
LocalFree
LockResource
MoveFileW
MultiByteToWideChar
ReadFile
GlobalReAlloc
SetErrorMode
SetFilePointer
SetLastError
WriteFile
lstrcpynW
lstrlenA
LoadLibraryA
LoadLibraryW
GlobalAlloc
GetWindowsDirectoryW
GetTempFileNameW
GetSystemTimeAsFileTime
GetProcAddress
GetPrivateProfileStringW
GetModuleHandleW
GetEnvironmentVariableW
FreeResource
FreeLibrary
FindResourceW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
EnumResourceNamesW
DeleteFileW
CreateFileW
SearchPathW
CloseHandle

user32

LoadIconW
SystemParametersInfoW
SetForegroundWindow
SetDlgItemTextW
SetCursor
SendDlgItemMessageW
ReleaseDC
PeekMessageW
MessageBoxW
LookupIconIdFromDirectory
LoadStringW
LoadCursorW
GetSystemMetrics
GetSystemMenu
GetLastActivePopup
GetDlgItem
GetDC
EnableMenuItem
DispatchMessageW
DestroyWindow
CreateDialogParamW
CopyRect
CharNextW
GetClientRect

gdi32

GetStockObject
GetTextExtentPointW
GetTextExtentExPointW
GetDeviceCaps

advapi32

RegEnumKeyExW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegQueryValueW
RegSetValueExW
RegSetValueW
RegDeleteKeyW
RegCreateKeyW
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHChangeNotify
SHAddToRecentDocs
FindExecutableW
ShellExecuteExW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msvcrt

memmove
memcpy
_vsnwprintf

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 562B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

617e1614972e7b88d5a5a42a1c48876e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

version

msvcrt

Sections

.text Size: 29KB - Virtual size: 28KB

.data Size: 13KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 562B

.text
Size: 29KB - Virtual size: 28KB

.data
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 562B