0e4314de9e9e6e5e4d9dba86a5091dcba858aa9d79bc447dc8bb3c92a36c2495

Sharing

Copy URL Twitter E-mail

General

Target

0e4314de9e9e6e5e4d9dba86a5091dcba858aa9d79bc447dc8bb3c92a36c2495
Size

119KB
MD5

a3befe2920d7fcdc69c7c9c86784c988
SHA1

b2cf6bee18efc9228cc2afda4a91985423cba812
SHA256

0e4314de9e9e6e5e4d9dba86a5091dcba858aa9d79bc447dc8bb3c92a36c2495
SHA512

487b9234f4516004b2d748e706e4d1f63cfa719bf5ec0e6d619b5e1d79d5cec003232f297283d9e0ddb32f6c71cf562130871169b42de1ab34c49cc045d80c16
SSDEEP

3072:BcLXiCjihWBFQfp1qi0yUilEbW8MsiOR/O//cVHZSib:BmVdni1lEbJMsa//cV5h

Score

N/A

Malware Config

Signatures

Files

0e4314de9e9e6e5e4d9dba86a5091dcba858aa9d79bc447dc8bb3c92a36c2495
.exe windows x86

f9faf79d38b99c8499a287193b8fdba7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_adjust_fdiv
_XcptFilter
exit
fputc
_acmdln
_snprintf
log
_except_handler3
_open_osfhandle
_wcsicmp
_ftol
__p__commode
_initterm
strncpy
__getmainargs
__set_app_type
wcscmp
localeconv
_controlfp
__p__fmode
__setusermatherr
localtime
fflush
strcat

kernel32

GetModuleHandleA
GetCPInfo
lstrcpyA
GetStartupInfoA
WritePrivateProfileStringA
VirtualProtect

shell32

ShellExecuteW
ExtractIconA
SHGetSpecialFolderPathA
DoEnvironmentSubstW
Shell_NotifyIconA
SHCreateDirectoryExW
ExtractAssociatedIconW
DragAcceptFiles
DragFinish
SHFileOperationA
DragQueryFileW
SHGetFileInfoA
SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListW
SHGetPathFromIDList

comctl32

ImageList_ReplaceIcon
CreatePropertySheetPageW
ImageList_DragEnter
ImageList_GetImageInfo
ImageList_AddMasked
PropertySheetW
ImageList_Replace
CreateToolbarEx
ImageList_DragLeave

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueW
VerInstallFileA
VerFindFileW
GetFileVersionInfoW
VerQueryValueA

oleaut32

SafeArrayPutElement
SysAllocStringLen
SafeArrayCreate
SetErrorInfo
SysStringByteLen
CreateErrorInfo
VariantInit
SafeArrayGetUBound
GetActiveObject

advapi32

AllocateAndInitializeSid
CryptAcquireContextA
AdjustTokenPrivileges
RegOpenKeyA
RegCreateKeyExA
GetLengthSid
RegEnumKeyExW
RegQueryValueA
RevertToSelf
RegOpenKeyExA
InitializeAcl
RegEnumValueW
RegQueryValueExW

ole32

OleInitialize
CoInitializeEx
CoTaskMemFree
OleSetClipboard
OleRun
StgOpenStorageOnILockBytes
CoTaskMemRealloc
DoDragDrop
CreateILockBytesOnHGlobal

gdi32

GetTextMetricsA
CreateDIBPatternBrushPt
MaskBlt
SelectObject
SetViewportExtEx
GetMetaFileBitsEx
GetPixel
Rectangle
GetMapMode

user32

IsChild
SetScrollPos
CreatePopupMenu
RemovePropA
SetActiveWindow
DialogBoxParamA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9faf79d38b99c8499a287193b8fdba7

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

comctl32

version

oleaut32

advapi32

ole32

gdi32

user32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 83KB - Virtual size: 83KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 83KB - Virtual size: 83KB