096c595f66880c7a477dd5509096f38233774444d552bcd077b8c8596da093bf

Sharing

Copy URL Twitter E-mail

General

Target

096c595f66880c7a477dd5509096f38233774444d552bcd077b8c8596da093bf
Size

107KB
MD5

83ed814fcdaed6782b7f5eb3ecba499e
SHA1

2da5f5866dff90fe5af261703e1828ec9c53a14e
SHA256

096c595f66880c7a477dd5509096f38233774444d552bcd077b8c8596da093bf
SHA512

b389de58a27284ca268e679c919ecdc21a86b803ae99774691c568e230e408ac7013715c93df0f0bd6f651a582309df916685e5ecd861ad0bf290ae7cab0a8df
SSDEEP

1536:tBosjS9e/VM8Lkwma9pJd+U3wzSwVTlvUWV+sAjIrQLfwnac3Fy6iWXGA:tBosjS9e/+jU8U6HvUIA8UTwF9iWX7

Score

N/A

Malware Config

Signatures

Files

096c595f66880c7a477dd5509096f38233774444d552bcd077b8c8596da093bf
.exe windows x86

f84cc8daed0440421a09a6bd1a891d1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
SetHandleCount
GetNumberFormatA
CreateFileMappingA
GlobalUnlock
InterlockedCompareExchange
GetSystemDirectoryA
GetSystemDirectoryW
SetFileTime
DeleteFileA
GlobalReAlloc
GetCurrentThreadId
GetDateFormatA
InterlockedIncrement

msvcrt

__p__fmode
wcslen
_exit
__set_app_type
realloc
free
_initterm
__setusermatherr
signal
_except_handler3
calloc
_XcptFilter
fputc
fopen
__p__commode
fwrite
_adjust_fdiv
__getmainargs
sinh
strlen
__p___initenv
_controlfp

comdlg32

GetOpenFileNameA

user32

DefWindowProcA
LoadBitmapA
GetSubMenu
TrackPopupMenu
DeleteMenu
GetSystemMetrics
SetWindowPos
IsWindow
OpenClipboard
SetRect
FrameRect
IsIconic
EmptyClipboard
SetDlgItemTextA
EnumThreadWindows
ShowCursor

comctl32

InitializeFlatSB
ImageList_Read
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_SetDragCursorImage
PropertySheetW
ImageList_Replace
ImageList_Remove

gdi32

PolyBezierTo
ExtCreatePen
ExtEscape
CreateEnhMetaFileA
GetClipRgn
FillRgn
GetPaletteEntries
GetEnhMetaFileHeader
CreateSolidBrush
GetEnhMetaFileBits
GetCharWidthA
CopyMetaFileA

advapi32

SetSecurityDescriptorOwner
RegQueryValueA
OpenServiceA
RegDeleteValueW
RegCreateKeyExW
SetSecurityDescriptorGroup
DeregisterEventSource
FreeSid
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RevertToSelf
SetSecurityDescriptorDacl
RegDeleteKeyA
RegQueryValueExW
ControlService

ole32

OleIsCurrentClipboard
DoDragDrop
CoInitialize
RevokeDragDrop
CoInitializeEx
CoInitializeSecurity
RegisterDragDrop
CoRevokeClassObject
CoRegisterClassObject
IsAccelerator
PropVariantClear
IIDFromString

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f84cc8daed0440421a09a6bd1a891d1c

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

comctl32

gdi32

advapi32

ole32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 36KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 36KB

.rsrc
Size: 32KB - Virtual size: 32KB