56e18760f64995f8aaa0ace9b2934c31ba5d701ba29ffdbdee4ab785c0006cd1

Sharing

Copy URL

Twitter E-mail

General

Target

56e18760f64995f8aaa0ace9b2934c31ba5d701ba29ffdbdee4ab785c0006cd1
Size

256KB
MD5

850d2ae86c2c853f706478fc432b0b70
SHA1

784654ddb7d80c6bf15a92166f74c4c4ef67ea22
SHA256

56e18760f64995f8aaa0ace9b2934c31ba5d701ba29ffdbdee4ab785c0006cd1
SHA512

f9ddad4a1303218f624041546649223f577b47d690af0217510b73b31cc84028caa911fa55edd9a362b9b02dd09ccc1736a5a69e305b2b357fce5dc3435a769a
SSDEEP

6144:MV4xNwRjJ+X1NkxIVcp1bT+xkhlxuhuMOoi5ldM:eUwRd0z/Op1T+xk4hut95fM

Score

N/A

Malware Config

Signatures

Files

56e18760f64995f8aaa0ace9b2934c31ba5d701ba29ffdbdee4ab785c0006cd1
.exe windows x86

6d22df9ef40e5d4a94737bb775121989

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mapi32

ord75
ord135
ord17
ord140

kernel32

InitializeCriticalSection
CreateEventW
SetEvent
Sleep
GetVersion
GetVersionExW
GetCurrentProcessId
WaitForMultipleObjects
DuplicateHandle
CreateMutexW
CreateSemaphoreW
LocalFree
LocalAlloc
GetModuleHandleA
lstrcmpA
GetCurrentThread
GetTickCount
GetModuleFileNameW
GetTempPathW
GetTempFileNameW
GetProcessHeap
ExitProcess
GetStringTypeW
GetStringTypeA
WaitForSingleObject
GetCurrentThreadId
FileTimeToSystemTime
lstrcpynA
lstrlenA
GetLastError
MultiByteToWideChar
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
GetFileAttributesW
LoadLibraryW
FreeLibrary
GetCurrentProcess
HeapCreate
GetCPInfo
OpenMutexW
GetLocaleInfoA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
GetStartupInfoA
IsValidCodePage
GetOEMCP
GetVersionExA
RaiseException
SetUnhandledExceptionFilter
GetModuleFileNameA
TlsAlloc
GetACP
GetProcAddress

user32

MessageBoxW
PeekMessageW
SendDlgItemMessageA
DialogBoxIndirectParamW
DestroyCursor
InsertMenuA
GetMenuItemID
GetDesktopWindow
GetMenu
SetTimer
GetTopWindow
OpenClipboard
EndMenu
CharPrevA
LoadMenuW
GetKeyState
SetFocus
SetDlgItemTextA
wvsprintfW
LoadMenuIndirectW
GetClassInfoExW
EnableWindow
DialogBoxParamW
CharNextA
GetScrollPos

advapi32

EqualSid
RegQueryValueExA
RegOpenKeyA
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegEnumKeyW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteKeyA

shell32

SHGetDesktopFolder
ord680
ShellExecuteExW

ole32

CoCreateInstance

security

SealMessage
CompleteAuthToken

gdi32

StretchDIBits
CreateFontIndirectExW
GdiGetBatchLimit
RemoveFontResourceW
CreateMetaFileA
GetMetaFileW
RemoveFontResourceExW
RemoveFontResourceExA
CreatePalette
AddFontResourceA
TranslateCharsetInfo
CreateColorSpaceA

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Ceqr
Size: 512B - Virtual size: 469KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GR
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZFO
Size: 108KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tLd
Size: 2KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.J
Size: 111KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d22df9ef40e5d4a94737bb775121989

Headers

File Characteristics

Imports

mapi32

kernel32

user32

advapi32

shell32

ole32

security

gdi32

Sections

.text Size: 13KB - Virtual size: 16KB

.Ceqr Size: 512B - Virtual size: 469KB

.rdata Size: 3KB - Virtual size: 50KB

.GR Size: 1KB - Virtual size: 8KB

.ZFO Size: 108KB - Virtual size: 111KB

.tLd Size: 2KB - Virtual size: 363KB

.data Size: 5KB - Virtual size: 311KB

.J Size: 111KB - Virtual size: 195KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 16KB

.Ceqr
Size: 512B - Virtual size: 469KB

.rdata
Size: 3KB - Virtual size: 50KB

.GR
Size: 1KB - Virtual size: 8KB

.ZFO
Size: 108KB - Virtual size: 111KB

.tLd
Size: 2KB - Virtual size: 363KB

.data
Size: 5KB - Virtual size: 311KB

.J
Size: 111KB - Virtual size: 195KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 4KB