c849a7da682ccfcf29c99ee3869a379617498700e5e09d717db12a97a0a278c8

Sharing

Copy URL Twitter E-mail

General

Target

c849a7da682ccfcf29c99ee3869a379617498700e5e09d717db12a97a0a278c8
Size

128KB
MD5

127c83cf77d41241ec2659488f182e40
SHA1

df389c96bc0dfa4951dacff92190474d25021da6
SHA256

c849a7da682ccfcf29c99ee3869a379617498700e5e09d717db12a97a0a278c8
SHA512

5bbb9d26be2a558432c3c25827e5191459b36a27677533236e6674606b6db1f5a050a012ca454d36c9233e9f42bc1bd9f8b5fd2b176564f61a5fa9bb833518de
SSDEEP

3072:6PukjsbTUtovO76mA7ivnYPtaEAI2j0o1igoLYgJ7Q:ZTMRA2/Ma7I2j0GigjgC

Score

N/A

Malware Config

Signatures

Files

c849a7da682ccfcf29c99ee3869a379617498700e5e09d717db12a97a0a278c8
.exe windows x86

ee68e62d378c9347e19740cde2bf3cbe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDataFromIDListW
SHGetSettings
ord179
Shell_NotifyIconA
SHGetInstanceExplorer
DragAcceptFiles
DuplicateIcon
ExtractIconW
ShellAboutA
DragQueryFileW
DoEnvironmentSubstA
ShellExecuteExA
SHGetDiskFreeSpaceA
SHLoadInProc

imagehlp

UpdateDebugInfoFile
FindDebugInfoFile
GetTimestampForLoadedLibrary
UnmapDebugInformation
SymGetSymFromAddr
EnumerateLoadedModules
SymGetLineFromName
MapFileAndCheckSumA
SymGetSymFromName
SymGetModuleBase
TouchFileTimes
RemovePrivateCvSymbolic
RemovePrivateCvSymbolicEx
ImageGetDigestStream
BindImageEx
SymEnumerateModules
SymInitialize
ImageNtHeader
SearchTreeForFile
ImageAddCertificate
SymMatchFileName

gdi32

SelectObject
GetEnhMetaFileBits
CreateDIBSection
ModifyWorldTransform
UpdateICMRegKeyA
AngleArc

ole32

OleRegEnumFormatEtc
CreateStreamOnHGlobal
OleCreateLink
HACCEL_UserUnmarshal
StringFromIID
CreateStdProgressIndicator
CoMarshalHresult
OleCreateFromData
SNB_UserUnmarshal
STGMEDIUM_UserFree
HGLOBAL_UserSize
CoReleaseMarshalData
STGMEDIUM_UserSize
OleDestroyMenuDescriptor
OleGetClipboard
CoIsHandlerConnected
OleLoadFromStream
StringFromCLSID
OleConvertOLESTREAMToIStorage
HGLOBAL_UserFree
StgCreatePropStg
CreateItemMoniker
CoBuildVersion
CoFreeUnusedLibraries
CoTaskMemAlloc
OleIsRunning
OleGetIconOfFile
CoFileTimeToDosDateTime
StgGetIFillLockBytesOnFile
CoDosDateTimeToFileTime
StgIsStorageFile
HACCEL_UserFree
MonikerCommonPrefixWith
CoUnmarshalHresult
GetConvertStg
CreatePointerMoniker
CoMarshalInterThreadInterfaceInStream
CoFreeLibrary
HBITMAP_UserMarshal
CreateOleAdviseHolder
OleCreateLinkToFile
CoLockObjectExternal
CoTaskMemRealloc
OleDoAutoConvert
CreateFileMoniker
CoGetClassObject
CoCreateGuid
OleCreateDefaultHandler

kernel32

GetModuleHandleA
GetStartupInfoA
GetSystemTime

oleaut32

VarUI1FromUI2
VarUI2FromDisp
VarI2FromStr
BSTR_UserMarshal
GetRecordInfoFromGuids
VarUI2FromUI1
VarUI4FromR8
VarI2FromR4
VarUI4FromDec
VarUI1FromUI4

user32

InsertMenuItemW
AdjustWindowRectEx
OpenIcon
DefWindowProcA
DialogBoxParamW
GetClassLongA
CallMsgFilterW
BeginDeferWindowPos
DdeSetUserHandle
OffsetRect
SetMenuItemInfoW
HideCaret
AttachThreadInput
GetTopWindow
SystemParametersInfoA

msvcrt

_except_handler3
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 617KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee68e62d378c9347e19740cde2bf3cbe

Headers

File Characteristics

Imports

shell32

imagehlp

gdi32

ole32

kernel32

oleaut32

user32

msvcrt

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 617KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 617KB

.rsrc
Size: 8KB - Virtual size: 4KB