8d0d18a0f7be111060a144b24ed4c28c94888e7aa602b37e74ff41291adbf6d3

Sharing

Copy URL Twitter E-mail

General

Target

8d0d18a0f7be111060a144b24ed4c28c94888e7aa602b37e74ff41291adbf6d3
Size

208KB
MD5

8071921104f4d3a106d5ec970189a380
SHA1

5c4e6266f4f5cb6c98bf3ba7dc5348d8fa3ffa25
SHA256

8d0d18a0f7be111060a144b24ed4c28c94888e7aa602b37e74ff41291adbf6d3
SHA512

dbb50f709d2e44854d94c6bef64f14fd20403cb549b6b4c378bee6c51187421d09ccc3edbd7312cc60983f50992d0ffa474475d8fdbe4a5c7851b71501bc9c58
SSDEEP

3072:kqwmOGqM8OROAO5UTS7vdWcoWxg7YjcZJQgh9/J84es5FaIMxeH4Q:kq0M8OQAO5WSocVxgGcj/SIMkYQ

Score

N/A

Malware Config

Signatures

Files

8d0d18a0f7be111060a144b24ed4c28c94888e7aa602b37e74ff41291adbf6d3
.exe windows x86

e0645631469507a53fff2b011b90023d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetStockObject
SetTextColor
CreateFontIndirectA
DeleteObject
GetDeviceCaps
SetBkColor
SelectObject
GetTextMetricsA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

user32

MessageBoxA
UpdateWindow
UnregisterClassA
GetWindowLongA
PeekMessageA
CharNextA
DispatchMessageA
DestroyWindow
PostMessageA
PackDDElParam
CharPrevA
SetWindowTextA
BeginPaint
GetClientRect
EndPaint
DrawTextA
OffsetRect
IsWindow
PostQuitMessage
FindWindowA
GetSystemMetrics
ShowCursor
GetDC
ShowWindow
MoveWindow
ReleaseDC
BringWindowToTop
GetMessageA
TranslateMessage
wvsprintfA
SetFocus
InvalidateRect
LoadStringA
LoadCursorA
LoadIconA
UnpackDDElParam
ExitWindowsEx
wsprintfA
CreateWindowExA
DefWindowProcA
RegisterClassA
SendMessageA

comdlg32

GetOpenFileNameA

advapi32

AdjustTokenPrivileges
RegEnumKeyExA
OpenProcessToken
RegCloseKey
LookupPrivilegeValueA
RegSetValueExA
RegCreateKeyA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA

ole32

CoUninitialize
OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocStringLen
VariantChangeTypeEx
VariantClear
VariantTimeToSystemTime
RegisterTypeLi
LoadTypeLi

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerInstallFileA

kernel32

OpenFile
GlobalFree
CloseHandle
GetCPInfo
SetFilePointer
LCMapStringA
GetCurrentProcessId
LCMapStringW
VirtualFree
HeapCreate
VirtualAlloc
SetStdHandle
GetStdHandle
HeapDestroy
SetEndOfFile
GetCommandLineA
SetHandleCount
SetCurrentDirectoryA
GetCurrentDirectoryA
GetStartupInfoA
GetLocalTime
GetSystemTime
SetEnvironmentVariableA
HeapFree
HeapAlloc
GetTimeZoneInformation
ExitProcess
FileTimeToLocalFileTime
TerminateProcess
GetFileType
FileTimeToSystemTime
GetFileAttributesA
RemoveDirectoryA
GetVersion
GetWindowsDirectoryA
GetSystemDirectoryA
GetVersionExA
HeapReAlloc
CreateFileA
LocalFree
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateDirectoryA
GetModuleHandleA
GetDriveTypeA
SetFileTime
LoadLibraryA
GetProcAddress
GetExitCodeProcess
FlushFileBuffers
CompareStringW
GetStringTypeW
GetStringTypeA
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
LocalAlloc
GlobalDeleteAtom
_lread
_lwrite
_lclose
GetFileSize
GetPrivateProfileStringA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
lstrcatA
lstrcpyA
lstrlenA
lstrcmpiA
OutputDebugStringA
SetFileAttributesA
CopyFileA
GetModuleFileNameA
FindClose
Sleep
IsDBCSLeadByte
WriteFile
FindFirstFileA
GetFullPathNameA
FreeLibrary
SetErrorMode
LocalLock
MoveFileExA
GlobalAddAtomA
CreateProcessA
GlobalAlloc
lstrcpynA
GlobalUnlock
GlobalLock
GlobalFindAtomA
CompareStringA
GetShortPathNameA
GetTempPathA
MoveFileA
DeleteFileA
ReadFile
GetTempFileNameA
GetLastError
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte
LocalUnlock

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e0645631469507a53fff2b011b90023d

Headers

File Characteristics

Imports

gdi32

shell32

user32

comdlg32

advapi32

ole32

oleaut32

version

kernel32

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 15KB - Virtual size: 45KB

.rsrc Size: 15KB - Virtual size: 15KB

�� Size: 70KB - Virtual size: 72KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 15KB - Virtual size: 45KB

.rsrc
Size: 15KB - Virtual size: 15KB

��
Size: 70KB - Virtual size: 72KB