0be37f40a094323f46957144cb3a94ed296dc1bfd11bffc8e8d152fc5136d577

Sharing

Copy URL Twitter E-mail

General

Target

0be37f40a094323f46957144cb3a94ed296dc1bfd11bffc8e8d152fc5136d577
Size

60KB
MD5

966b87aea65093a4755e38376d9a3feb
SHA1

aa207864344858b7403070b3f00857edcef819b5
SHA256

0be37f40a094323f46957144cb3a94ed296dc1bfd11bffc8e8d152fc5136d577
SHA512

1d2bd676ee287f7d360ab3ca06681c33e555f22ffa812ec24f2f3f6772a8ac6b23f332634a3c19ec826c9a90ac5de3b98c12e75f22fd4494c18c9cbdb8e71dec
SSDEEP

1536:ZlTdTc1HezVBakRCiQMwQ82vEn57xqrpJ:ZZ7zWijwQHEVxqr/

Score

N/A

Malware Config

Signatures

Files

0be37f40a094323f46957144cb3a94ed296dc1bfd11bffc8e8d152fc5136d577
.exe windows x86

ebb3409e9f183c02a427345961502074

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathMakePrettyW
PathFindFileNameW

comdlg32

GetFileTitleW
GetSaveFileNameW
PrintDlgExW

gdi32

UnrealizeObject
ExtFloodFill
GetBitmapBits
GetTextExtentPoint32A
Polygon
GetWindowOrgEx

ntdll

memset
_stricmp

user32

DestroyWindow
RemoveMenu
SendMessageA
LockWindowUpdate
InsertMenuItemW
OemToCharBuffA
GetCaretPos
LoadBitmapW
SetClassLongW
CheckMenuRadioItem
GetDlgItem
FindWindowExW
GetMenuItemCount

kernel32

SuspendThread
ExitProcess
InterlockedExchange
lstrcmpiW
GetCurrentProcessId
lstrcatA
FileTimeToLocalFileTime
GlobalDeleteAtom
InterlockedExchangeAdd
ReleaseSemaphore
GetTempFileNameW

Exports

Exports

?flaXZFKRC_AYJVN@@YGPAXK@Z
?kdlg____K_w@@YGEG@Z
?OUTEOK_ev@@YGJI_N@Z
?ln_tk_cuclcm_T_@@YGXKG@Z
?_slv_ja_A@@YGKDI@Z
?dy_eawl__az@@YGXHJ@Z
?egmnzrhhp_a_lCXD_@@YGXHPAK@Z
?PG_HEO_UPDgyidywe_ripi@@YGXGE@Z
?FZPXH_BSO_l___jymWA_OG@@YGKJ@Z

Sections

.code
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.import
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 415B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebb3409e9f183c02a427345961502074

Headers

File Characteristics

Imports

shlwapi

comdlg32

gdi32

ntdll

user32

kernel32

Exports

Exports

Sections

.code Size: 23KB - Virtual size: 23KB

.import Size: 1024B - Virtual size: 1024B

.data Size: 7KB - Virtual size: 143KB

.rdata Size: 22KB - Virtual size: 22KB

.edata Size: 512B - Virtual size: 415B

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.code
Size: 23KB - Virtual size: 23KB

.import
Size: 1024B - Virtual size: 1024B

.data
Size: 7KB - Virtual size: 143KB

.rdata
Size: 22KB - Virtual size: 22KB

.edata
Size: 512B - Virtual size: 415B

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB