cff858eacf160da02c39e95548e8fe26657f5886aa53a6703643791e3afa39e6

Sharing

Copy URL Twitter E-mail

General

Target

cff858eacf160da02c39e95548e8fe26657f5886aa53a6703643791e3afa39e6
Size

252KB
MD5

251177a85316708ef202c83564f35e30
SHA1

114f4940627fb776ce77b3a0887e59ec227680fd
SHA256

cff858eacf160da02c39e95548e8fe26657f5886aa53a6703643791e3afa39e6
SHA512

e31a1b13a49a8347c0474a0bdb83ab104340d3ae0f0de38014ea013e6e1255317bf00dee99ec595606c2a731a122fb8c066e0ce4b41905d98e4660d62cf4a3a3
SSDEEP

6144:6BHoY0TE9MKdOP8tui97oGX2la3L2AKHKwjBoJE:6CY0TE9l552Y3L8HKk2J

Score

N/A

Malware Config

Signatures

Files

cff858eacf160da02c39e95548e8fe26657f5886aa53a6703643791e3afa39e6
.exe windows x86

6f9b2320b001abb42fc2041a24b8aa18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawFrameControl
CheckRadioButton
SendDlgItemMessageA
GetClipboardData
SendMessageA
DestroyWindow
SetClipboardData
AppendMenuA
GetActiveWindow
FillRect
TrackPopupMenu
SetForegroundWindow
PostMessageA
IsDialogMessageA

ole32

CoInitialize
CoUninitialize
CoCreateInstance
OleInitialize
OleSetContainedObject

xolehlp

ord5
ord7

kernel32

DeleteCriticalSection
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetSystemInfo
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCPInfo
GetOEMCP
WriteConsoleW
VirtualProtect
LoadLibraryExA
GetNativeSystemInfo
ExpandEnvironmentStringsA
GetDriveTypeA
GetVolumeInformationA
Sleep
CreateProcessA
CloseHandle
GetStartupInfoA
DeleteFileA
GetTickCount
FlushFileBuffers
CreateThread
LocalFree
LocalAlloc
InitializeCriticalSection
EnterCriticalSection
CreateDirectoryA
ResetEvent
VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetCommandLineA
GetVersionExA
LeaveCriticalSection
FatalAppExitA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsAlloc
SetLastError
GetCurrentThreadId
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
RtlUnwind
HeapSize
InterlockedExchange
VirtualQuery
LoadLibraryA
GetACP

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f9b2320b001abb42fc2041a24b8aa18

Headers

File Characteristics

Imports

user32

ole32

xolehlp

kernel32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 104KB - Virtual size: 101KB

.data Size: 72KB - Virtual size: 360KB

.rsrc Size: 4KB - Virtual size: 1000B

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 104KB - Virtual size: 101KB

.data
Size: 72KB - Virtual size: 360KB

.rsrc
Size: 4KB - Virtual size: 1000B