ffc98a7afe3e5a7644112bac0b9c8b7e52d8cd8299b5dc98e76d5bf2fe4f4ecb

Sharing

Copy URL

Twitter E-mail

General

Target

ffc98a7afe3e5a7644112bac0b9c8b7e52d8cd8299b5dc98e76d5bf2fe4f4ecb
Size

88KB
MD5

520723c0a2d853cd8ac09861de37d6c0
SHA1

779ab56b4179e135d021dcaa7e86fe2a3eeec321
SHA256

ffc98a7afe3e5a7644112bac0b9c8b7e52d8cd8299b5dc98e76d5bf2fe4f4ecb
SHA512

feff9411ae96f57ecba63ccb74f3db5e12b636b2ea00aa795dd24b4b4637bc274e041d02e8dc173bf1ba825352c18f8785b13f44e70ad04d7559a56925b12c54
SSDEEP

1536:lB1jvuHufUjr73izSDHxiGWVqoKfx0Esiv4Q:PBvopr3GURHW2yiv1

Score

N/A

Malware Config

Signatures

Files

ffc98a7afe3e5a7644112bac0b9c8b7e52d8cd8299b5dc98e76d5bf2fe4f4ecb
.exe windows x86

0d820ffcf80c512296ccda254d7cc89b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_itow
swprintf
__set_app_type
_snprintf
_acmdln
srand

shlwapi

StrChrA

comdlg32

GetSaveFileNameA
FindTextA
ChooseColorA
GetOpenFileNameA

shell32

SHGetDiskFreeSpaceA
SHGetDesktopFolder

user32

DrawIcon
GetSysColorBrush
EnableWindow
CreatePopupMenu
DrawEdge
IsWindowEnabled
GetActiveWindow
DispatchMessageW
GetCursorPos
GetClassInfoA
IsMenu
DrawTextA
DrawFrameControl
SetWindowPos
GetClipboardData
FindWindowA
GetMenuItemID
GetFocus
BeginDeferWindowPos
GetClientRect
BeginPaint
GetScrollPos
RegisterClassA
GetSubMenu
ShowScrollBar
IsChild
EnableMenuItem
IsWindowVisible
GetIconInfo
FillRect
GetMenuState
GetPropA
GetCapture
DefFrameProcA
IsDialogMessageA
DrawIconEx
GetMessagePos
GetKeyNameTextA
ShowWindow
ClientToScreen
SetCursor
MessageBoxA
DefWindowProcA
FrameRect
GetDC
DefMDIChildProcA
CallWindowProcA
GetScrollInfo
GetWindowTextA
CallNextHookEx
GetSysColor
SystemParametersInfoA
GetMenuItemCount
CharToOemA
GetCursor

kernel32

FormatMessageA
GlobalDeleteAtom
SetEndOfFile
lstrcmpA
FindFirstFileA
CloseHandle
InitializeCriticalSection
GetLocalTime
GetVersion
SetLastError
GetEnvironmentStrings
LocalReAlloc
Sleep
CreateFileA
lstrcmpiA
SetErrorMode
LoadLibraryA
lstrcpyA
CompareStringA
EnumCalendarInfoA
WriteFile
GetCurrentThreadId
HeapAlloc
GlobalFindAtomA
GetUserDefaultLCID
GetCurrentProcessId
VirtualFree
GlobalAddAtomA
GetProcAddress
GetCommandLineA
GetModuleFileNameA
GetLocaleInfoA
GetSystemDefaultLangID
GetCurrentProcess
GetThreadLocale
lstrcpynA
GetModuleHandleA
GetFileType
HeapDestroy
GetDateFormatA
GetStringTypeA
GetVersionExA
LoadLibraryExA
GetACP
ExitProcess
SetThreadLocale
SetHandleCount
GetDiskFreeSpaceA
GetCurrentThread
CreateThread
GetFileAttributesA
lstrlenA
ResetEvent
GetProcessHeap
GetFullPathNameA
LocalFree
MoveFileExA
LoadResource
VirtualQuery
VirtualAlloc
WideCharToMultiByte

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 65KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d820ffcf80c512296ccda254d7cc89b

Headers

File Characteristics

Imports

msvcrt

shlwapi

comdlg32

shell32

user32

kernel32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 6KB - Virtual size: 6KB

.edata Size: 65KB - Virtual size: 89KB

BSS Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 571B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 6KB - Virtual size: 6KB

.edata
Size: 65KB - Virtual size: 89KB

BSS
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 571B