8d44a1400d661038eef33817f344d20fb89dc7b53a824cf765a14044f0a416b3

Sharing

Copy URL Twitter E-mail

General

Target

8d44a1400d661038eef33817f344d20fb89dc7b53a824cf765a14044f0a416b3
Size

136KB
MD5

6cecd014f0a34129a6b2793db8d865c2
SHA1

8acbab0ad0bc76e9e6ed89dcb3b528a8039ae677
SHA256

8d44a1400d661038eef33817f344d20fb89dc7b53a824cf765a14044f0a416b3
SHA512

e1faddd885a103c9bd5f41db7c0fde93dba51eb776fc41a5a5b21a2afbf946b6c1a3ab47014043f605d1bb81ba04ea49cac0b5352cbdf63cb5d98960f677e6ad
SSDEEP

3072:QuDfkt8sYoK4IjO6y0HJqbtLpx7wl265QmKZYLMlG6nnAj:NkGLZHgbtLnwc65oiglG6

Score

N/A

Malware Config

Signatures

Files

8d44a1400d661038eef33817f344d20fb89dc7b53a824cf765a14044f0a416b3
.exe windows x86

65d23d7db8a86de3bbde41a31c7780ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

IsCharSpaceA
SHRegEnumUSKeyA
StrDupW
StrCmpNA
StrDupA

shell32

SHGetSpecialFolderPathA
SHCreateDirectoryExW

kernel32

GlobalMemoryStatus
SearchPathW
PeekNamedPipe
SetEndOfFile
SetEvent
GetCurrentThread
FindResourceExA
CopyFileW
GetNamedPipeInfo
GetBinaryTypeA
PulseEvent
ReleaseSemaphore
FindClose
_hwrite
FindAtomA
GetThreadPriority
WaitCommEvent
SetFileShortNameA
GetVersion
lstrcpyA
GetTempPathA
lstrcatW
lstrcmpiW
GetSystemInfo
lstrcmpiA
GetSystemTimeAdjustment
SetLocalTime
GetModuleHandleW
lstrlenA
FindResourceA
FileTimeToLocalFileTime
_lopen
GetLocalTime
FormatMessageA
CompareFileTime
SetThreadPriority

user32

IsCharAlphaNumericW
CharUpperA
MapDialogRect
SetActiveWindow
PrivateExtractIconsW
SetWindowPlacement
CharUpperBuffA
SetWindowPos
LookupIconIdFromDirectory
EndPaint
GetUpdateRgn
GetPropA
DeleteMenu
LoadCursorW
RemovePropA
SendMessageA
GetMenuItemInfoW
BeginPaint
GetDC
TranslateMessage
LoadAcceleratorsW
GetCursorInfo
InvalidateRect
EnumPropsA
PeekMessageW
TranslateAcceleratorA
DestroyCursor
EnableScrollBar
PostMessageA
DispatchMessageA
SetWindowTextA
ReleaseDC

gdi32

InvertRgn
CreateCompatibleBitmap
CreateDCW
DeleteDC
Polyline
GetSystemPaletteEntries
GetTextExtentPointA
SetBkColor
SetBoundsRect
CreateBitmapIndirect
GetObjectType
DeleteObject
ExcludeClipRect
GetCharWidthW
CreateDCA
LineDDA
PtVisible
OffsetClipRgn
CreateScalableFontResourceA
SetSystemPaletteUse

advapi32

ObjectCloseAuditAlarmW
EqualPrefixSid
EqualSid
PrivilegedServiceAuditAlarmA
IsValidSid

Exports

Exports

_Copy_Image@12
_Create_Image@12
_Set_Image@12
_Update_Image@12

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vars
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EXPORT
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IMPORT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65d23d7db8a86de3bbde41a31c7780ad

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.code Size: 4KB - Virtual size: 3KB

.vars Size: 512B - Virtual size: 504B

EXPORT Size: 512B - Virtual size: 155B

IMPORT Size: 3KB - Virtual size: 2KB

.rsrc Size: 118KB - Virtual size: 117KB

.reloc Size: 1024B - Virtual size: 604B

.text
Size: 8KB - Virtual size: 8KB

.code
Size: 4KB - Virtual size: 3KB

.vars
Size: 512B - Virtual size: 504B

EXPORT
Size: 512B - Virtual size: 155B

IMPORT
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 118KB - Virtual size: 117KB

.reloc
Size: 1024B - Virtual size: 604B