ce8a132c4d9a29569434a34813fb386c97d90ff7d8906a4949476356ba596a14

Sharing

Copy URL Twitter E-mail

General

Target

ce8a132c4d9a29569434a34813fb386c97d90ff7d8906a4949476356ba596a14
Size

183KB
MD5

917b05a760db98a4cfa22f44966d08c2
SHA1

b31ea3ae90efd0c3c29ccb9bf1dd90b56b2f27f7
SHA256

ce8a132c4d9a29569434a34813fb386c97d90ff7d8906a4949476356ba596a14
SHA512

a0ac2438d2b4260d282027a2d15f5debd4b3965a185e9a951ca7c4bcfb98cc835502484659c4519a064ba4dbda8f08bf492a28126d75bbb6c2de84c96ed4ad76
SSDEEP

3072:EH2hvkcWvdH9orT5V3ABMjJil/s4CQAjdrzkUGf4JTUGrsDNj1PPY10i2sTdZs1p:EWCH9orfKMj74C9dzCsYGQDN1O0LsRv

Score

N/A

Malware Config

Signatures

Files

ce8a132c4d9a29569434a34813fb386c97d90ff7d8906a4949476356ba596a14
.exe windows x86

9addfa9ddda1080ffea35d11f65f28d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

user32

SetRect
SetPropW
InvalidateRgn
InvalidateRect
GetClassLongW
CharNextW
CreateWindowExW
MessageBeep
RegisterWindowMessageW
SendDlgItemMessageA
GetClassInfoExW
WinHelpW
RemovePropW
GetPropW
CopyAcceleratorTableW
GetNextDlgTabItem
GetNextDlgGroupItem
IsRectEmpty
CharUpperW
DestroyMenu

advapi32

RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyW
RegOpenKeyExW
RegEnumKeyW
RegQueryValueW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW

ole32

OleInitialize
CoFreeUnusedLibraries
CoCreateInstance
OleIsCurrentClipboard
CoUninitialize
StgCreateDocfileOnILockBytes
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject
CoTaskMemAlloc
CreateILockBytesOnHGlobal
CoInitialize
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoRevokeClassObject
OleUninitialize
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

GetLocaleInfoW
SetFileTime
DeleteFileW
GetCalendarInfoW
GetCurrentProcessId
GetModuleFileNameW
MultiByteToWideChar
WriteFile
GetThreadContext
EnumResourceLanguagesW
CreateFileW
GetSystemDefaultLangID
ReadFile
ConvertDefaultLocale
lstrcpyW
MoveFileW
EnumResourceNamesA
WideCharToMultiByte
InterlockedDecrement
SetFilePointer
LocalFileTimeToFileTime
SystemTimeToFileTime
GetVersion
RemoveDirectoryW
ExitProcess
FindNextFileW
FindFirstFileW
LoadLibraryW
GetCurrentDirectoryW
FindClose
GetFileAttributesW
CreateDirectoryW
GetProcAddress

gdi32

SetWindowExtEx
GetStockObject
TextOutW
GetDeviceCaps
ScaleWindowExtEx
GetTextColor
SetViewportOrgEx
SelectObject
ExtSelectClipRgn
ScaleViewportExtEx
OffsetViewportOrgEx
Escape
ExtTextOutW
RectVisible
GetMapMode
DeleteDC
GetBkColor
PtVisible
GetRgnBox

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathFileExistsW
PathIsUNCW
PathRemoveFileSpecW
PathAppendW

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9addfa9ddda1080ffea35d11f65f28d4

Headers

File Characteristics

Imports

shell32

user32

advapi32

ole32

oleacc

kernel32

gdi32

shlwapi

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 73KB - Virtual size: 73KB

.edata Size: 1024B - Virtual size: 368KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 73KB - Virtual size: 73KB

.edata
Size: 1024B - Virtual size: 368KB