a011206c6abfb21ac254c6c4c6e5d7f4b70e08beead6a7b827730b82f7e9d11e

Sharing

Copy URL Twitter E-mail

General

Target

a011206c6abfb21ac254c6c4c6e5d7f4b70e08beead6a7b827730b82f7e9d11e
Size

292KB
MD5

0c7eb9a8cf8e6d229744f5c97614e6ab
SHA1

3b7181b415050696e115d774ef4a7b469328159b
SHA256

a011206c6abfb21ac254c6c4c6e5d7f4b70e08beead6a7b827730b82f7e9d11e
SHA512

bd6b02348b075e62dc6680dba5763819772da3fa63c4fda95179d342b4c0acdbad79e5eb05b2513e023e80b2455216c9d92871f40992a803ec8638f046311f82
SSDEEP

6144:M426a+E46ymsJUF2NBsBV6/hLjY4nrVunbJFW:tL+sT6cV8GVu6

Score

N/A

Malware Config

Signatures

Files

a011206c6abfb21ac254c6c4c6e5d7f4b70e08beead6a7b827730b82f7e9d11e
.exe windows x86

e1f9b0e912ecc6472f350af905bde970

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
GetFileTitleA

comctl32

ImageList_DragShowNolock

version

VerFindFileA
GetFileVersionInfoSizeA
VerInstallFileA
VerQueryValueA

shlwapi

SHQueryInfoKeyA
PathIsContentTypeA
SHQueryValueExA
SHGetValueA
SHEnumValueA
SHDeleteKeyA
PathGetCharTypeA
SHDeleteValueA
SHGetValueA
SHStrDupA
SHDeleteKeyA
SHSetValueA
SHEnumValueA
PathIsContentTypeA

oleaut32

SafeArrayCreate
OleLoadPicture
RegisterTypeLib
SysAllocStringLen
VariantCopyInd
SafeArrayUnaccessData
SafeArrayGetElement
SysReAllocStringLen
SafeArrayGetUBound
RegisterTypeLib
SafeArrayGetUBound
SafeArrayPtrOfIndex

shell32

SHGetSpecialFolderLocation

user32

AdjustWindowRectEx
BeginPaint
CallNextHookEx

gdi32

SetTextColor
CreateDIBitmap
CreateBrushIndirect
GetObjectA

advapi32

RegQueryValueExA
RegEnumKeyExA

msvcrt

srand

ole32

CoGetObjectContext
WriteClassStm
CreateOleAdviseHolder
CoCreateInstanceEx

kernel32

ExitProcess
GetProcAddress
lstrlenA
GetModuleHandleA
VirtualAlloc
VirtualAllocEx
IsBadHugeReadPtr
LoadLibraryA
CloseHandle
GetCommandLineA
GetCommandLineW
Sleep
GetVersionExA
LoadLibraryExA
ExitThread
LocalAlloc

Sections

CODE
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 955B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ddata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1f9b0e912ecc6472f350af905bde970

Headers

File Characteristics

Imports

comdlg32

comctl32

version

shlwapi

oleaut32

shell32

user32

gdi32

advapi32

msvcrt

ole32

kernel32

Sections

CODE Size: 47KB - Virtual size: 46KB

.rdata Size: 1024B - Virtual size: 955B

.data Size: 8KB - Virtual size: 7KB

.gdata Size: 2KB - Virtual size: 1KB

.hdata Size: 229KB - Virtual size: 228KB

.ddata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 980B

CODE
Size: 47KB - Virtual size: 46KB

.rdata
Size: 1024B - Virtual size: 955B

.data
Size: 8KB - Virtual size: 7KB

.gdata
Size: 2KB - Virtual size: 1KB

.hdata
Size: 229KB - Virtual size: 228KB

.ddata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 980B