db4a30d1518472233606c2b0f3e9157ccef733da92851d555b3edaeba6e285bc

Sharing

Copy URL Twitter E-mail

General

Target

db4a30d1518472233606c2b0f3e9157ccef733da92851d555b3edaeba6e285bc
Size

233KB
MD5

676bd213f7c530435cca0de053ddf780
SHA1

9df2288bc6f6454fa04e221f0dc5202f619368ce
SHA256

db4a30d1518472233606c2b0f3e9157ccef733da92851d555b3edaeba6e285bc
SHA512

84348723837ff631ab7e05bbaf59bbf169c1a1eacebcc7d903804223f5d39c78a3d32211575380baa6c4e2c8811b5211d6cd0477fd448de752edddeace8ad99c
SSDEEP

6144:WeF+IRTAHVGNOy0QTrH85UjjD75hQCs2cCCq:v60N75Trc5UjDgq

Score

N/A

Malware Config

Signatures

Files

db4a30d1518472233606c2b0f3e9157ccef733da92851d555b3edaeba6e285bc
.exe windows x86

de31040f5e7db7f8d2e204ea034032df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imjp81k

CreateIRegManInstance

kernel32

lstrlenA
LockResource
LoadResource
GetVersionExA
CreateFileW
DeleteFileW
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
FindResourceA
FindResourceExA
GetFullPathNameW
GetFullPathNameA
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
GetSystemDefaultLangID
SetLastError
GetTimeFormatA
GetDateFormatA
GetThreadLocale
GetBinaryTypeA
GetWindowsDirectoryA
GetEnvironmentVariableA
SetFilePointer
lstrcatA
LocalFree
LocalAlloc
lstrcpynA
GetCurrentProcess
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
lstrcpyA
HeapSize
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapAlloc
RtlUnwind
WaitForSingleObject
CreateMutexA
ReleaseMutex
GetSystemDefaultLCID
GetCurrentThreadId
GlobalHandle
OpenFileMappingA
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
SetStdHandle
FlushFileBuffers
lstrcmpiA
FindClose
lstrlenW
lstrcpyW
LCMapStringW
LoadLibraryA
WriteFile
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
DeleteFileA
GetTempPathA
GetTempFileNameA
CreateFileA
FreeLibrary
GetProcAddress
GetFileSize
ReadFile
GetCPInfo
Sleep
InterlockedExchange
IsDBCSLeadByteEx
GetACP
WideCharToMultiByte
GlobalReAlloc
GlobalLock
GlobalUnlock
GlobalFree
GlobalAlloc
CloseHandle
GetLastError
CreateThread
MultiByteToWideChar
GetOEMCP

user32

GetClipboardData
CloseClipboard
CharPrevA
SetForegroundWindow
UnregisterClassA
SetWindowTextA
SetWindowTextW
RegisterClassExA
LoadStringA
PostThreadMessageA
GetWindowTextA
GetWindowTextW
GetClassNameA
GetClassInfoExA
IsClipboardFormatAvailable
DrawTextA
DrawTextW
DialogBoxParamA
DefWindowProcA
CreateWindowExA
CreateDialogParamA
DialogBoxIndirectParamA
CreateDialogIndirectParamA
CallWindowProcA
LoadIconA
MessageBeep
BeginPaint
EndPaint
FillRect
IsDialogMessageA
OpenClipboard
wsprintfA
CharNextA
FindWindowA
PeekMessageA
WaitMessage
CheckDlgButton
LoadImageA
ShowWindow
SetFocus
UpdateWindow
SetRect
SetWindowPos
GetDC
ReleaseDC
LoadBitmapA
OemToCharA
CharToOemA
PostQuitMessage
DestroyWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetClientRect
ClientToScreen
LoadCursorA
EndDialog
GetWindowLongA
GetParent
IsWindowUnicode
SetWindowLongA
GetWindowRect
MoveWindow
GetDlgItem
IsWindow
ScreenToClient
SendDlgItemMessageW
SendDlgItemMessageA
EnableWindow
PostMessageW
FindWindowExA
SendMessageW
SendMessageA
IsDlgButtonChecked
PostMessageA
GetDlgCtrlID

gdi32

GetTextColor
GetBkMode
DeleteObject
SetBkMode
TranslateCharsetInfo
SetTextColor
GetObjectA
CreateFontIndirectA
GetStockObject
SelectObject
GetDeviceCaps

comdlg32

GetOpenFileNameA
GetOpenFileNameW
CommDlgExtendedError

advapi32

RegDeleteKeyA
RegDeleteValueA
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken
GetTokenInformation
GetSecurityDescriptorDacl
AllocateAndInitializeSid
IsValidSid
FreeSid
RegUnLoadKeyA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumValueA

shell32

DragQueryFileW
DragFinish
DragAcceptFiles
DragQueryFileA

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitialize

comctl32

ord17

Exports

Exports

FSqueezeInit
FSqueezeTerm
FSqueezeUty

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de31040f5e7db7f8d2e204ea034032df

Headers

File Characteristics

Imports

imjp81k

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 153KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 33KB - Virtual size: 33KB

.text
Size: 156KB - Virtual size: 153KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 33KB - Virtual size: 33KB