ab13b500f46ab18a191e2d40951d8d73353a59b17d374b4f7f0cd61525ec1a43

Sharing

Copy URL Twitter E-mail

General

Target

ab13b500f46ab18a191e2d40951d8d73353a59b17d374b4f7f0cd61525ec1a43
Size

147KB
MD5

8085b1e09320295ce1ff386172fbaf76
SHA1

83276c71eb4e2cc7454282da12a8f5e2c52db159
SHA256

ab13b500f46ab18a191e2d40951d8d73353a59b17d374b4f7f0cd61525ec1a43
SHA512

d9b73f4e6cea3cfa9dea619b3b059bcf8c33d932fe5c6a2b24c68fde76fae02178b99bb989ab235bd3528c7ef8eb593b40d8169bcbcb4a82fd790a6727739670
SSDEEP

3072:/uzHVKrMZ2BgeJLibIJ6Q+xxGBMAIN8nDkQ9RBfyeHIA/v4:N/g0iuJq4Bfysg

Score

N/A

Malware Config

Signatures

Files

ab13b500f46ab18a191e2d40951d8d73353a59b17d374b4f7f0cd61525ec1a43
.exe windows x86

8b5d5224338448bb03177e7d1bb8f69a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

fread
__p__fmode
_controlfp
__setusermatherr
puts
__set_app_type
__p__commode
_wcsicmp
_acmdln
__getmainargs
exit
_unlock
_adjust_fdiv
_XcptFilter
_except_handler3
__lc_codepage
clock
vsprintf
iswspace
log10
_initterm

kernel32

VirtualProtect
IsValidCodePage
GetTempFileNameA
GetStartupInfoA
GetLocaleInfoA
Sleep
GlobalFree
DeleteFileA
GetOEMCP
GetExitCodeProcess
GetModuleHandleA
GetDateFormatA

user32

PtInRect
InflateRect
SetCapture
SetWindowPlacement
GetScrollRange
CreateWindowExA
RedrawWindow
MessageBoxA
SetScrollRange
IsWindowVisible
InsertMenuA

comctl32

ImageList_SetIconSize
CreatePropertySheetPageA
PropertySheetW
PropertySheetA
CreateToolbarEx
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_SetOverlayImage
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_Draw
CreateStatusWindowA
InitCommonControlsEx

oleaut32

SysAllocStringLen
SafeArrayCreate
GetErrorInfo
SetErrorInfo
VariantInit
VariantCopy
VariantClear
SafeArrayUnaccessData
VariantCopyInd

shell32

SHGetSpecialFolderPathA
DragAcceptFiles
SHGetSettings
ShellExecuteW
SHCreateDirectoryExA
SHGetFolderPathA
SHGetMalloc
SHGetFileInfo
ExtractIconExW
ExtractIconW
SHGetPathFromIDList

ole32

CreateILockBytesOnHGlobal
IsEqualGUID
CreateItemMoniker
CoRegisterMessageFilter
StgOpenStorage
CoTaskMemRealloc
ReleaseStgMedium
CoUninitialize
CoFreeUnusedLibraries

version

GetFileVersionInfoA
VerInstallFileW
GetFileVersionInfoW
VerQueryValueW
VerQueryValueA
VerFindFileW

gdi32

Rectangle
EnumFontFamiliesA
GetOutlineTextMetricsA
GetCharWidthW
GetTextMetricsW
OffsetClipRgn
ScaleWindowExtEx
GetTextExtentExPointW
ExtCreateRegion
GetTextCharsetInfo

advapi32

InitializeAcl
RegQueryInfoKeyW
LookupPrivilegeValueW
GetSecurityDescriptorDacl
RegCreateKeyExW

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b5d5224338448bb03177e7d1bb8f69a

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

comctl32

oleaut32

shell32

ole32

version

gdi32

advapi32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 111KB - Virtual size: 110KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 111KB - Virtual size: 110KB