44306c21fc04941b6dc1ec19f998df0eaec7584f9d55700dbfb2f0b34b7ac1c0

Sharing

Copy URL Twitter E-mail

General

Target

44306c21fc04941b6dc1ec19f998df0eaec7584f9d55700dbfb2f0b34b7ac1c0
Size

139KB
MD5

427c97224528fe3d89c0b9f09bcb6534
SHA1

a04247a6e90c0e6e997bd1bd88f85289cf1dd721
SHA256

44306c21fc04941b6dc1ec19f998df0eaec7584f9d55700dbfb2f0b34b7ac1c0
SHA512

98c1fc317ef9e074dcad5e2bc1c0cb8ce28b8c724685ee08b716e2368ff4250a311e4667911e6cbaa9b5ecb48d25348c5ec944f1c907b505eda17495865c6d39
SSDEEP

1536:X/w8xtN2svB3IRTw+6w9ec5hzokw/7cgP3qqulcPCgM+B0jUJamLD0VcExUEtO2X:IQN2sJ3IRSFXTcgPxFB0YJag0VVmrTE

Score

N/A

Malware Config

Signatures

Files

44306c21fc04941b6dc1ec19f998df0eaec7584f9d55700dbfb2f0b34b7ac1c0
.exe windows x86

a1c8a9aef0c19ebd5bdcd27bcc49754a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
FreeEnvironmentStringsW
GetExitCodeProcess
GetModuleHandleA
ExitProcess
GlobalHandle
IsValidCodePage
GetUserDefaultLangID
VirtualProtect

msvcrt

isleadbyte
_adjust_fdiv
_initterm
_acmdln
perror
log
__set_app_type
sin
__p__commode
__p__fmode
_mkdir
_XcptFilter
iswdigit
fgetpos
__getmainargs
wcstol
strtok
_except_handler3
_filbuf
_mktemp
_ftol
__setusermatherr
ceil
_errno
wcsstr
exit

user32

SetPropA
FillRect
IsIconic
IsWindow
ReleaseCapture
OffsetRect
GetCursorPos
GetDCEx

version

VerInstallFileW
VerQueryValueW
VerInstallFileA
VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
VerFindFileW
VerQueryValueA

shell32

ShellExecuteW
SHGetPathFromIDListW
ShellExecuteEx
DragQueryFileW
SHCreateDirectoryExA
DragAcceptFiles
Shell_NotifyIconW
SHBrowseForFolder
ExtractIconExA
SHBrowseForFolderA

ole32

StringFromGUID2
CreateItemMoniker
CoFreeUnusedLibraries
IsEqualGUID
RevokeDragDrop
CoTaskMemFree
RegisterDragDrop
ProgIDFromCLSID
CoCreateGuid

oleaut32

SafeArrayPutElement
GetActiveObject
SafeArrayUnaccessData
SysStringLen
VariantClear
VariantCopy
SysReAllocStringLen
SafeArrayCreate
LoadTypeLib

advapi32

AddAccessAllowedAce
OpenServiceA
CryptReleaseContext
RegCreateKeyA
InitializeAcl
CryptHashData
RegCreateKeyExW
RegDeleteKeyA

comctl32

ImageList_LoadImageW
ImageList_AddMasked
ImageList_SetDragCursorImage
ImageList_Read
ImageList_GetImageInfo
ImageList_DragEnter
ImageList_Create
ImageList_EndDrag

gdi32

SaveDC
Arc
GetCharWidthA
CreateFontW
CreateCompatibleDC
GetROP2

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a1c8a9aef0c19ebd5bdcd27bcc49754a

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

version

shell32

ole32

oleaut32

advapi32

comctl32

gdi32

Sections

.text Size: 64KB - Virtual size: 63KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 25KB - Virtual size: 100KB

.text
Size: 64KB - Virtual size: 63KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 25KB - Virtual size: 100KB