d06f03182670e360d6b2c964ee5a356ef34608ce2c85179ef6f3b373206b60a7

Sharing

Copy URL Twitter E-mail

General

Target

d06f03182670e360d6b2c964ee5a356ef34608ce2c85179ef6f3b373206b60a7
Size

98KB
MD5

a18190e8d22f789d85c2b7550d35bb69
SHA1

0162257646e895da04a3f32d92145b088e1be346
SHA256

d06f03182670e360d6b2c964ee5a356ef34608ce2c85179ef6f3b373206b60a7
SHA512

72e685073c31058def539ca8b46e723279088eaea34e9779b1a86f0e3b95a1a4bc5d152fc22a6811be1a2f06b51e0433bfdfacd58ba08926bcdecda6ff30a539
SSDEEP

1536:VASgtSk1ZM+9dC6J5pNmd5ESWPfsOEtr5lfRCd+V6MAE6wZPxZuFCpK:VUtSk0+dX3LmcS7OEtY/wZPxZY

Score

N/A

Malware Config

Signatures

Files

d06f03182670e360d6b2c964ee5a356ef34608ce2c85179ef6f3b373206b60a7
.exe windows x86

1fd173a68ae8f316c7a4e050558e57ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
IsBadCodePtr
GetSystemDirectoryW
QueryPerformanceCounter
GetShortPathNameA
DuplicateHandle
GetNumberFormatA
GetStartupInfoW
DeleteFileA
lstrcmpA
GetCurrentThreadId
lstrcpyA
IsValidCodePage

msvcrt

__setusermatherr
_except_handler3
__p___initenv
memcpy
_strnicmp
strlen
_adjust_fdiv
atexit
__p__fmode
getenv
_XcptFilter
_cexit
_write
strchr
sinh
calloc
_exit
__getmainargs
__set_app_type
signal
_controlfp
fputc
fread
_initterm
_stricmp
__p__commode
free

comdlg32

GetOpenFileNameA

user32

DestroyIcon
SetWindowTextA
SetDlgItemTextA
ScrollWindow
RemovePropA
GetClientRect
GetMessagePos
GetSystemMenu
GetDesktopWindow
RegisterClipboardFormatA
InflateRect
RemoveMenu
DrawTextA
DeleteMenu
GetDlgItem

advapi32

RegOpenKeyA
OpenThreadToken
RegDeleteValueA
CryptCreateHash
CryptGenRandom
InitializeAcl
RegDeleteValueW
RegQueryValueA
RegDeleteKeyA
OpenServiceW
QueryServiceStatus
CloseServiceHandle
ControlService
OpenProcessToken

comctl32

ImageList_Remove
ImageList_GetIconSize
CreateToolbarEx
ImageList_ReplaceIcon
PropertySheetW
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_Draw
ImageList_Replace
DestroyPropertySheetPage
ImageList_Read
ImageList_GetIcon
ImageList_Destroy
ImageList_SetDragCursorImage
ImageList_Add
CreateStatusWindowA

ole32

OleDraw
OleIsCurrentClipboard
StringFromCLSID
CoReleaseMarshalData
IsEqualGUID
OleSetMenuDescriptor
CreateBindCtx
CoCreateGuid
CoGetClassObject
CreateStreamOnHGlobal
StringFromGUID2

gdi32

EndDoc
ExtFloodFill
OffsetClipRgn
GetTextExtentPointW
EndPage
GetNearestColor
LPtoDP
CloseMetaFile
SetWindowOrgEx
EnumFontFamiliesA
LineTo

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fd173a68ae8f316c7a4e050558e57ef

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

advapi32

comctl32

ole32

gdi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 38KB

.rsrc Size: 30KB - Virtual size: 30KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 38KB

.rsrc
Size: 30KB - Virtual size: 30KB