Static task: static1
Behavioral task: behavioral1
Sample: 03581fc3d55806046c63d912f69843c1ebd880c8fb58907c5de386c12f7fc49d.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 03581fc3d55806046c63d912f69843c1ebd880c8fb58907c5de386c12f7fc49d.exe
Resource: win10v2004-20220812-en
General
Target: 03581fc3d55806046c63d912f69843c1ebd880c8fb58907c5de386c12f7fc49d
Size: 94KB
MD5: 0ac095c922dd8c2689781cd908c5e549
SHA1: 15cc0f952794db308ce8cac5ddf2dab52425cfab
SHA256: 03581fc3d55806046c63d912f69843c1ebd880c8fb58907c5de386c12f7fc49d
SHA512: 86fc6a5e360f4d9fe088df6ae9cec5492b5af5d5b3e8e49cc7d73df23930b5ad629644f7e38c29abbf1811a78e47b01171cd67975e967ac8893ae848e511e4b0
SSDEEP: 1536:xGqSFtCdXsFuGChBoJYyne3oVjsyL0F8BrmcVKQuOKIiz76GjG+pfnbEtWrKyb:xausMVD3tyl/KQuO3GvIWrTb
Malware Config
Signatures
Files
03581fc3d55806046c63d912f69843c1ebd880c8fb58907c5de386c12f7fc49d.exe windows x86
2e2f7b62b7107b55a5505082918807d4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
strlen
_acmdln
__dllonexit
fputs
__p__commode
atexit
free
_stricmp
exit
memmove
__setusermatherr
calloc
_except_handler3
_setmode
_initterm
__getmainargs
__p__fmode
fflush
_adjust_fdiv
_exit
__set_app_type
malloc
kernel32
lstrcmpiW
GetStartupInfoA
SetErrorMode
LoadLibraryExW
Sleep
GetProcAddress
GetUserDefaultLangID
WriteFile
GlobalLock
DuplicateHandle
SetCurrentDirectoryA
ReadFile
FreeLibrary
WritePrivateProfileStringA
ole32
OleGetClipboard
CoLoadLibrary
StgCreateDocfileOnILockBytes
OleSetMenuDescriptor
IsAccelerator
StgOpenStorageOnILockBytes
OleFlushClipboard
ProgIDFromCLSID
CoTaskMemAlloc
CreateBindCtx
OleSetClipboard
OleIsCurrentClipboard
oleaut32
SysReAllocStringLen
CreateErrorInfo
VariantInit
SafeArrayUnaccessData
GetActiveObject
SysAllocStringByteLen
SysAllocStringLen
SafeArrayGetElement
SafeArrayRedim
VariantCopy
SysStringByteLen
SetErrorInfo
SafeArrayPtrOfIndex
advapi32
RegEnumKeyExW
SetSecurityDescriptorGroup
GetTokenInformation
OpenSCManagerW
AddAccessAllowedAce
GetSecurityDescriptorDacl
RegCreateKeyA
RegCloseKey
LookupPrivilegeValueW
OpenServiceW
SetSecurityDescriptorDacl
DeregisterEventSource
OpenServiceA
CryptCreateHash
gdi32
SelectObject
LineTo
TextOutA
GetTextFaceW
EnumFontFamiliesExA
GetTextExtentPoint32A
TextOutW
PolyBezierTo
SetBkMode
StartPage
AddFontResourceA
RoundRect
CreateDIBitmap
comctl32
ImageList_LoadImageW
ImageList_Replace
ImageList_DrawEx
PropertySheetW
CreatePropertySheetPageA
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_DragEnter
CreatePropertySheetPageW
ImageList_SetDragCursorImage
user32
GetDlgItem
LoadBitmapA
CharNextA
SetWindowPos
PostQuitMessage
SetCursor
GetKeyState
SendDlgItemMessageA
SetTimer
DrawIcon
DefWindowProcA
ClientToScreen
Sections
.text Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ