fe8ae871d6d4b5cd61b531a926b5e62d77652da0edc77794edf565fccf65a129

General

Target

fe8ae871d6d4b5cd61b531a926b5e62d77652da0edc77794edf565fccf65a129
Size

294KB
MD5

54f8b183c699af31eb29043c0e91af60
SHA1

2626a0bcfe84f920d63434edfd45db91d67494e5
SHA256

fe8ae871d6d4b5cd61b531a926b5e62d77652da0edc77794edf565fccf65a129
SHA512

42e15824d343968746502988e6dde61b6b831551df8127f1e18e34a77769a7336d95c2c25a85feb7a46a5cf8f914515c33910286ad6ddebb5a2de60f4d35d9d6
SSDEEP

6144:tlA3QhczX1QKNfUxyGppcu4RlSgMiUPVoM/+Bg39hcwntSxXwloILj:tlCQ2LNs4Gp/4SD9oMn39hXsxg

Score

N/A

Malware Config

Signatures

Files

fe8ae871d6d4b5cd61b531a926b5e62d77652da0edc77794edf565fccf65a129
.exe windows x86

c6fb95c637962aac4ed5bfe793b3c130

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleW
GetModuleHandleA
CloseHandle
lstrlenW
lstrcpyA
CopyFileW
GetCommandLineA
WriteConsoleW
GetProcessHeap
SetEvent
GetCurrentDirectoryA
GetStartupInfoA
WriteConsoleW
DisconnectNamedPipe
GetFileAttributesW
SuspendThread
CreatePipe
HeapDestroy
GetPriorityClass
HeapCreate
GetStdHandle

msftedit

RichComboBoxWndProc
SetCustomTextOutHandlerEx
RichEditWndProc
RichListBoxWndProc

shell32

StrChrA
ExtractIconA
DllUnregisterServer
SHGetMalloc
DragFinish
ShellMessageBoxA
SHGetSettings
ShellAboutA
SHFree
DragAcceptFiles
DuplicateIcon
SHGetDiskFreeSpaceA
DragQueryFileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c6fb95c637962aac4ed5bfe793b3c130

Headers

File Characteristics

Imports

kernel32

msftedit

shell32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 776B

.rsrc Size: 285KB - Virtual size: 284KB

.rdata Size: 512B - Virtual size: 132B

.impdata Size: 512B - Virtual size: 108B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 776B

.rsrc
Size: 285KB - Virtual size: 284KB

.rdata
Size: 512B - Virtual size: 132B

.impdata
Size: 512B - Virtual size: 108B