1f27142d3c65d414d8345e6d7fa55b533edcd7b928f9c2fdaf091655d1c7cd1c

Sharing

Copy URL Twitter E-mail

General

Target

1f27142d3c65d414d8345e6d7fa55b533edcd7b928f9c2fdaf091655d1c7cd1c
Size

129KB
MD5

5fa7af25fc5254f779c6e47a68ecf06d
SHA1

018dcc3be6e6371076307b2e7e038559d75fc758
SHA256

1f27142d3c65d414d8345e6d7fa55b533edcd7b928f9c2fdaf091655d1c7cd1c
SHA512

b1d5791f72308551bdd903fd5b9fa07b14b40aeb09dc94416b6646ba892d650265edd44c4a0534031318efff3d464d0c7590899787d01e0a8014c0884a52047f
SSDEEP

3072:LAemdYkFk8L+ohT0Pc2FPNhCEU1XwMBD+lmkX1:MwxNEn4U8

Score

N/A

Malware Config

Signatures

Files

1f27142d3c65d414d8345e6d7fa55b533edcd7b928f9c2fdaf091655d1c7cd1c
.exe windows x86

e165746adaa21f7e8765880034e366d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetStdHandle
GetStartupInfoA
GetModuleHandleA
CreateFileMappingA
GetExitCodeProcess
GetModuleFileNameA
GetDriveTypeA
LocalFileTimeToFileTime
InterlockedExchange
EnumCalendarInfoA
VirtualProtect

user32

SetRect
UnhookWindowsHookEx
UnregisterClassA
SendMessageA
LoadCursorA
wsprintfA

msvcrt

log10
wcscmp
strncpy
__getmainargs
_CIpow
strcat
exit
__mb_cur_max
__p__commode
__setusermatherr
_initterm
_strdup
floor
_adjust_fdiv
__set_app_type
strerror
sqrt
_fullpath
_XcptFilter
_acmdln
_except_handler3
__dllonexit
__p__fmode

advapi32

GetUserNameA
RegFlushKey
CryptHashData
RegEnumKeyW
RegOpenKeyA
RegEnumValueA
RegDeleteKeyA
LookupPrivilegeValueA
OpenThreadToken
RegQueryInfoKeyW
CloseServiceHandle

comctl32

ImageList_LoadImageA
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_DragLeave
ImageList_Add
ImageList_DragShowNolock

version

VerLanguageNameA
VerFindFileW
VerInstallFileA

shell32

DragQueryFileW

ole32

OleInitialize
OleFlushClipboard
DoDragDrop
CoSetProxyBlanket
ReleaseStgMedium
CLSIDFromString
CoUninitialize
CoRegisterClassObject

oleaut32

SysStringLen
GetActiveObject
SysAllocStringLen
LoadTypeLib
SafeArrayGetElement
VariantClear
SysReAllocStringLen
SafeArrayRedim
SysStringByteLen

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e165746adaa21f7e8765880034e366d3

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

comctl32

version

shell32

ole32

oleaut32

Sections

.text Size: 91KB - Virtual size: 91KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 91KB - Virtual size: 91KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 20KB - Virtual size: 20KB