2b1fb64e2caceac5b127062d43b3153c8884f85741c031d3c450666919f478ec

General

Target

2b1fb64e2caceac5b127062d43b3153c8884f85741c031d3c450666919f478ec
Size

66KB
MD5

a3972382526ac17ad8194fee5be7b9f0
SHA1

d3a7da8eb8a1ba0fff09766f83f66e9a65c6a24e
SHA256

2b1fb64e2caceac5b127062d43b3153c8884f85741c031d3c450666919f478ec
SHA512

58e095f421e1c3788ce3931bf606f1f48f915a1ce57112e49e52008b5d1864fc3b9889878edce66b4811335c04e42c714654b776750218af7c14498523520f77
SSDEEP

1536:KNLav3eg9NbYW0dK+Y3Uk9exxpEbyVVz3TgljguUm4ET8D:KNLW3e9W0kUNxxbUBg84e

Score

N/A

Malware Config

Signatures

Files

2b1fb64e2caceac5b127062d43b3153c8884f85741c031d3c450666919f478ec
.exe windows x86

1617acf6f41308c706f337c44c24d4b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
WriteConsoleW
HeapCreate
CopyFileW
DisconnectNamedPipe
lstrcpyW
CreatePipe
GetFileAttributesA
IsDebuggerPresent
GetLastError
CloseHandle
SetEvent
GetCurrentDirectoryA
GetStartupInfoA
GetStdHandle
SuspendThread
GetPriorityClass
WriteConsoleW
ClearCommBreak
WriteConsoleW
GetModuleHandleA

msftedit

SetCustomTextOutHandlerEx
RichListBoxWndProc
RichEditWndProc
RichComboBoxWndProc

shell32

SHGetDiskFreeSpaceA
SHFree
ShellAboutA
DuplicateIcon
DllUnregisterServer
DragQueryFileA
ExtractIconA
SHGetSettings
DragAcceptFiles
DragFinish
StrChrA
ShellMessageBoxA
SHGetMalloc

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1617acf6f41308c706f337c44c24d4b3

Headers

File Characteristics

Imports

kernel32

msftedit

shell32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 776B

.rsrc Size: 57KB - Virtual size: 72KB

.rdata Size: 512B - Virtual size: 132B

.impdata Size: 512B - Virtual size: 80B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 776B

.rsrc
Size: 57KB - Virtual size: 72KB

.rdata
Size: 512B - Virtual size: 132B

.impdata
Size: 512B - Virtual size: 80B