de8839b39b5de8aa3dd4223f442180ce3efcd243182aa291577d469a51b0c5ef

Sharing

Copy URL Twitter E-mail

General

Target

de8839b39b5de8aa3dd4223f442180ce3efcd243182aa291577d469a51b0c5ef
Size

48KB
MD5

515eb55b6fcbf9303388a6d451c496fa
SHA1

15efca56114a35a34820c4eb9e9b80e079bd07d5
SHA256

de8839b39b5de8aa3dd4223f442180ce3efcd243182aa291577d469a51b0c5ef
SHA512

abe3aae87c0e15d9d21e79222702c953f8a250fc574d6a48cd29c9cce15dbd6b1f4e0cc906118a171c8eaa6e5a75d20ffc9bb43c7d10a7208964eb1488e86750
SSDEEP

768:0dZXoy0vvucAZabmsDtHExKlhs6lJUA4Vl2x2C7TYuzQ42yASTJ:M2JvvucAAlkx+hs6lJU9VlEls4jJ

Score

N/A

Malware Config

Signatures

Files

de8839b39b5de8aa3dd4223f442180ce3efcd243182aa291577d469a51b0c5ef
.exe windows x86

7d164400402e9a1ca59a69251737fc6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shelldll

ShellSetPTPAndAlertingInterfaces
ShellCommandLineExec

mfc71

ord2063
ord4326
ord6276
ord3801
ord6278
ord4014
ord4038
ord3683
ord4541
ord314
ord1084
ord265
ord1482
ord781
ord310
ord783
ord557
ord745
ord870
ord784
ord5715
ord1185
ord6006
ord762
ord876
ord578
ord1187
ord1191
ord1207
ord2731
ord2537
ord5566
ord5213
ord5230
ord764
ord3830
ord4568
ord3948
ord2248
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord1054
ord5975
ord304
ord566
ord581
ord1167
ord1092
ord1209
ord757
ord315
ord765
ord714
ord3333
ord4261
ord4481
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2838
ord2714
ord4307
ord2835

msvcr71

_setmbcp
_controlfp
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_onexit
__dllonexit
?terminate@@YAXXZ
__security_error_handler
memset
_purecall
free
__CxxFrameHandler
_except_handler3

kernel32

GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
ExitProcess
LocalAlloc
LocalFree
GetCurrentThreadId
GetLastError
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

comctl32

ord17

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
SysAllocStringLen

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7d164400402e9a1ca59a69251737fc6e

Headers

File Characteristics

Imports

shelldll

mfc71

msvcr71

kernel32

comctl32

ole32

oleaut32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 776B

.lrdata Size: 20KB - Virtual size: 20KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 776B

.lrdata
Size: 20KB - Virtual size: 20KB