dec9bf0eeb1e643ecfefa6a1aa8928a7b398b3321060bba847928d7d8e13122c

Sharing

Copy URL Twitter E-mail

General

Target

dec9bf0eeb1e643ecfefa6a1aa8928a7b398b3321060bba847928d7d8e13122c
Size

147KB
MD5

a06a3aedd9fad6447ed7285ada0a7ac2
SHA1

9042f0070bbee24ff03c9321c7c0757e1b828f77
SHA256

dec9bf0eeb1e643ecfefa6a1aa8928a7b398b3321060bba847928d7d8e13122c
SHA512

084e3412d633a7fb8a5b2038685d09d0fc22d7f2d091467eea09b634473c1492f012d92e5d08914ec6bcb1c1e8561496e2ff3373f649766c8e8ca5b76b839a6f
SSDEEP

3072:arSxp8YGVofLkT4uVG2/T+c3+unfflWojabeG3bQCMimYJ9:Q5uEFiWnXlWEirQCA

Score

N/A

Malware Config

Signatures

Files

dec9bf0eeb1e643ecfefa6a1aa8928a7b398b3321060bba847928d7d8e13122c
.exe windows x86

503d0007e548c60754dbd27cf331be0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
SetFileTime
GetVersion
CompareStringW
GetStringTypeExA
CreateProcessW
lstrcmpiA
SetFileAttributesA
GetModuleHandleA
GetEnvironmentStringsW
GetEnvironmentStrings
VirtualProtect
GetStringTypeW

user32

InsertMenuItemA
GetSysColor
RemoveMenu
GetWindowRect
PostQuitMessage
EnableMenuItem
EqualRect
DefWindowProcA
GetClassInfoA
UnhookWindowsHookEx
GetClassNameA
KillTimer

msvcrt

log10
_wtoi
__set_app_type
exit
__getmainargs
__p__commode
__setusermatherr
_initterm
_acmdln
_mbsicmp
_getch
_except_handler3
__p__fmode
_XcptFilter
wcsncpy
_iob
_adjust_fdiv
localeconv

shell32

SHCreateDirectoryExA
SHGetDesktopFolder
ExtractAssociatedIconW
FindExecutableW
DragQueryFileA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHBrowseForFolderW
SHBindToParent
SHGetPathFromIDListA

oleaut32

SafeArrayGetElement
SetErrorInfo
SafeArrayPutElement
CreateErrorInfo
LoadTypeLib
SysAllocStringLen
SysFreeString
SysAllocStringByteLen
SafeArrayCreate

advapi32

RegQueryValueA
RegEnumKeyExW
RegEnumValueW
RegEnumValueA
RegCreateKeyA
RegQueryValueExA

comctl32

ImageList_LoadImageA
ImageList_Draw
ImageList_SetImageCount
ImageList_DrawEx
ImageList_Remove

ole32

CoTaskMemAlloc
OleRun
CoTaskMemFree
CoRegisterClassObject
CoRegisterMessageFilter
PropVariantClear
CoGetInterfaceAndReleaseStream

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

503d0007e548c60754dbd27cf331be0a

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

shell32

oleaut32

advapi32

comctl32

ole32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 135KB - Virtual size: 135KB

.data Size: 6KB - Virtual size: 5KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 135KB - Virtual size: 135KB

.data
Size: 6KB - Virtual size: 5KB