1d5842327361122339d412b6d06b02576157ae4d1ab4c7d5b7d416f2b09e4886

General

Target

1d5842327361122339d412b6d06b02576157ae4d1ab4c7d5b7d416f2b09e4886
Size

799KB
MD5

6887a816342d969923d38c12baecd8d8
SHA1

5ab425e1cc2773cb336248204dbf72b7242ddfdb
SHA256

1d5842327361122339d412b6d06b02576157ae4d1ab4c7d5b7d416f2b09e4886
SHA512

7fbcd237bed1a8d3883c057cb79130677ff852eea499c021f50dc6a1b5a010957d96016c9ba6f5b52b32a68e3dad6eae4add3ab3dec1c1f3f37aedfaaa9ac660
SSDEEP

24576:hYNj6dmqaVkDr4NFclxUfGktgnyVGLFFXwwJ4ncLk0:GwdmqauDyFy8gnyV0XZJLl

Score

N/A

Malware Config

Signatures

Files

1d5842327361122339d412b6d06b02576157ae4d1ab4c7d5b7d416f2b09e4886
.exe windows x86

db4761067cb69bc1726d1e24edc4bbc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileAttributesW
HeapFree
CreateDirectoryW
GetFileAttributesW
GetPrivateProfileIntA
GetStringTypeA
CreateEventA
GetCurrentThread
GetVersionExA
DeviceIoControl
VirtualProtectEx
GetCurrentProcess
FindVolumeClose
GlobalLock
GlobalFlags
RemoveDirectoryA
CloseHandle
GetPrivateProfileSectionA
GetStdHandle
GetDriveTypeA
LoadLibraryA

shell32

DragAcceptFiles
DllUnregisterServer
DragFinish
SHGetSettings
DllUnregisterServer
DragQueryFileA
SHGetMalloc
ShellAboutA
ShellMessageBoxA
ExtractIconA
SHFree
DuplicateIcon
StrChrA

ntmarta

AccGetExplicitEntries
AccConvertAclToAccess
AccFreeIndexArray
AccConvertSDToAccess

uxtheme

CloseThemeData

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db4761067cb69bc1726d1e24edc4bbc7

Headers

File Characteristics

Imports

kernel32

shell32

ntmarta

uxtheme

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 508B

.rsrc Size: 789KB - Virtual size: 2.1MB

.import Size: 512B - Virtual size: 372B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 508B

.rsrc
Size: 789KB - Virtual size: 2.1MB

.import
Size: 512B - Virtual size: 372B