ef35aa238966e6bc6a6dffcc8d947a163a2c46805e62cc6e8c3d04b2f17f8b8c

Sharing

Copy URL Twitter E-mail

General

Target

ef35aa238966e6bc6a6dffcc8d947a163a2c46805e62cc6e8c3d04b2f17f8b8c
Size

99KB
MD5

0f82b7765b55238e363d5736b01784b6
SHA1

3e767b3ebc9dcbfaa9f7b60613508e0021b683d3
SHA256

ef35aa238966e6bc6a6dffcc8d947a163a2c46805e62cc6e8c3d04b2f17f8b8c
SHA512

b5c0e93038846029602882c1cf2d0df93e2f63bbca1463680b636aa45bc3c36b1a66d6ab891688b05788a1257dfe8081d2bcfebac83294e33814550cf8aedcbd
SSDEEP

1536:NhVpAiEYrbHt55NyMhT6uq8pVtop+3ViC8k2DuW4zyngxVc8mk1Kb9NQUQ4:X/A2v5fq8A+UC8kHW4IEVcaKWU3

Score

N/A

Malware Config

Signatures

Files

ef35aa238966e6bc6a6dffcc8d947a163a2c46805e62cc6e8c3d04b2f17f8b8c
.exe windows x86

3a6c1fc5e6408138cc42a85428f5ba7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fprintf
strncmp
__setusermatherr
calloc
_onexit
atoi
__p__fmode
_exit
__p__commode
free
memset
__p___initenv
wcslen
fread
_except_handler3
sinh
memmove
memcpy
__getmainargs
__set_app_type
strchr
_adjust_fdiv
strcpy
_controlfp
__p__environ
_XcptFilter
_initterm

comdlg32

GetOpenFileNameA

kernel32

LCMapStringA
GetSystemDirectoryA
GetModuleHandleW
MoveFileA
CopyFileA
SetLastError
GetNumberFormatA
LCMapStringW
GetEnvironmentStringsW
GetCurrentThreadId
GetFullPathNameA
IsDebuggerPresent
DeleteFileW
IsBadReadPtr

user32

LoadIconA
DestroyWindow
WindowFromPoint
IsWindowVisible
DrawIcon
SetWindowLongA
SetDlgItemTextA
GetWindowTextA
DrawEdge
GetWindow
GetSystemMenu
IsZoomed
SetForegroundWindow
GetWindowRect
OemToCharA
SetRect

advapi32

LookupPrivilegeValueW
RegEnumKeyExW
DeregisterEventSource
GetLengthSid
RegOpenKeyExA
RegEnumValueA
DeleteService
SetSecurityDescriptorOwner
CloseServiceHandle
QueryServiceStatus
OpenServiceA
RevertToSelf
RegSetValueExW
CryptCreateHash

gdi32

SelectObject
StartDocA
GetTextExtentPoint32A
GetClipRgn
GetDIBits
DeleteEnhMetaFile
CreateEnhMetaFileA
ExtCreateRegion
GetViewportExtEx

comctl32

CreatePropertySheetPageW
CreateStatusWindowA
ImageList_ReplaceIcon
ImageList_Write
ImageList_GetImageCount
ImageList_Add
ImageList_GetIcon
ImageList_DragEnter
ImageList_Remove
CreateToolbarEx
ImageList_DragShowNolock

ole32

CoFreeUnusedLibraries
CoReleaseMarshalData
IsAccelerator
CoInitialize
OleRun
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
OleGetClipboard
RevokeDragDrop
CoGetMalloc
StringFromIID
CoLoadLibrary
StgOpenStorage

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a6c1fc5e6408138cc42a85428f5ba7c

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

advapi32

gdi32

comctl32

ole32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 35KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 35KB

.rsrc
Size: 28KB - Virtual size: 27KB