fa5b89b8fae05795d83944321515e381f99b595cf12637cff9ccb3bb5ee418a0

Sharing

Copy URL Twitter E-mail

General

Target

fa5b89b8fae05795d83944321515e381f99b595cf12637cff9ccb3bb5ee418a0
Size

384KB
MD5

64907d2403c547ed1f9b95b76ae613d1
SHA1

65dcd989a75b425fede7b621adaa5022784b77e0
SHA256

fa5b89b8fae05795d83944321515e381f99b595cf12637cff9ccb3bb5ee418a0
SHA512

32710cb848ed6e4b3a58bc52299c318cc7b61516f0535019997b2ba5e49c8b60188bef308008291299b24e293177a2a0d38d36b2a08b423ce13298cc2da88587
SSDEEP

6144:lNB7MWh3991JXdT/ZL0GvpHCiEn6QWYh8Iw7BD2nyeWNmPj+:lLQm5dhkTn6QWAw7BDGyeWN

Score

N/A

Malware Config

Signatures

Files

fa5b89b8fae05795d83944321515e381f99b595cf12637cff9ccb3bb5ee418a0
.exe windows x86

56b47686e17fcc3a892c65198c03cf0a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3

kernel32

GetModuleHandleW
GetWindowsDirectoryW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
TlsFree
InterlockedDecrement
TlsSetValue
InterlockedIncrement
TlsAlloc
TlsGetValue
CreateFileW
CloseHandle
FormatMessageW
GetLastError
GetFileAttributesW
lstrcpyW
TerminateThread
CreateThread
SetLastError
WriteFile
lstrlenA
GetSystemDefaultUILanguage
GetOEMCP
FreeResource
SizeofResource
LoadResource
FindResourceW

user32

EnableWindow
PostMessageW
WinHelpW
EndDialog
wsprintfA
SetDlgItemTextW
GetKeyboardLayout
InsertMenuW
wsprintfW
MsgWaitForMultipleObjects
SetWindowLongW
GetWindowLongW
LoadImageW
LoadIconW
GetDlgItem
GetClientRect
SendMessageW
DestroyIcon
SendDlgItemMessageW
LoadStringW
LoadStringA
DialogBoxParamW
GetSystemMetrics
PeekMessageW

ole32

ReleaseStgMedium

shlwapi

StrToIntW
StrToIntA
ord219
PathAppendW
PathBuildRootW
StrCatW

shell32

DragQueryFileW
SHChangeNotifySuspendResume
SHChangeNotify
ord155
SHGetFileInfoW
ord182
SHParseDisplayName
ShellExecuteW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj5
Size: 2KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj50
Size: 2KB - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj51
Size: 2KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj52
Size: 150KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj53
Size: 150KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj54
Size: 2KB - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj55
Size: 2KB - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj56
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj57
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj58
Size: 2KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj59
Size: 2KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1231
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAKS
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GAHS
Size: 2KB - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HAJS
Size: 2KB - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HnJS
Size: 2KB - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SKALS
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SKAkS
Size: 2KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SfAkS
Size: 2KB - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8AUqj
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8AUq8
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHQK
Size: 2KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHSK
Size: 2KB - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHQJ
Size: 2KB - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56b47686e17fcc3a892c65198c03cf0a

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

shlwapi

shell32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3KB

.fhj5 Size: 2KB - Virtual size: 192B

.fhj50 Size: 2KB - Virtual size: 194B

.fhj51 Size: 2KB - Virtual size: 228B

.fhj52 Size: 150KB - Virtual size: 148KB

.fhj53 Size: 150KB - Virtual size: 148KB

.fhj54 Size: 2KB - Virtual size: 196B

.fhj55 Size: 2KB - Virtual size: 204B

.fhj56 Size: 2KB - Virtual size: 208B

.fhj57 Size: 2KB - Virtual size: 202B

.fhj58 Size: 2KB - Virtual size: 228B

.fhj59 Size: 2KB - Virtual size: 206B

.1231 Size: 2KB - Virtual size: 208B

.JAKS Size: 2KB - Virtual size: 208B

.GAHS Size: 2KB - Virtual size: 204B

.HAJS Size: 2KB - Virtual size: 588B

.HnJS Size: 2KB - Virtual size: 198B

.SKALS Size: 2KB - Virtual size: 208B

.SKAkS Size: 2KB - Virtual size: 216B

.SfAkS Size: 2KB - Virtual size: 236B

.8AUqj Size: 2KB - Virtual size: 202B

.8AUq8 Size: 2KB - Virtual size: 202B

.JAHQK Size: 2KB - Virtual size: 160B

.JAHSK Size: 2KB - Virtual size: 162B

.JAHQJ Size: 2KB - Virtual size: 126B

.rsrc Size: 18KB - Virtual size: 16KB

.reloc Size: 2KB - Virtual size: 256KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB

.fhj5
Size: 2KB - Virtual size: 192B

.fhj50
Size: 2KB - Virtual size: 194B

.fhj51
Size: 2KB - Virtual size: 228B

.fhj52
Size: 150KB - Virtual size: 148KB

.fhj53
Size: 150KB - Virtual size: 148KB

.fhj54
Size: 2KB - Virtual size: 196B

.fhj55
Size: 2KB - Virtual size: 204B

.fhj56
Size: 2KB - Virtual size: 208B

.fhj57
Size: 2KB - Virtual size: 202B

.fhj58
Size: 2KB - Virtual size: 228B

.fhj59
Size: 2KB - Virtual size: 206B

.1231
Size: 2KB - Virtual size: 208B

.JAKS
Size: 2KB - Virtual size: 208B

.GAHS
Size: 2KB - Virtual size: 204B

.HAJS
Size: 2KB - Virtual size: 588B

.HnJS
Size: 2KB - Virtual size: 198B

.SKALS
Size: 2KB - Virtual size: 208B

.SKAkS
Size: 2KB - Virtual size: 216B

.SfAkS
Size: 2KB - Virtual size: 236B

.8AUqj
Size: 2KB - Virtual size: 202B

.8AUq8
Size: 2KB - Virtual size: 202B

.JAHQK
Size: 2KB - Virtual size: 160B

.JAHSK
Size: 2KB - Virtual size: 162B

.JAHQJ
Size: 2KB - Virtual size: 126B

.rsrc
Size: 18KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 256KB