26787bde902d8f71d1065528138cecf606d3fae469451b508b851ec17116c48b

Sharing

Copy URL Twitter E-mail

General

Target

26787bde902d8f71d1065528138cecf606d3fae469451b508b851ec17116c48b
Size

443KB
MD5

8508834952da2e96c243602dc03c5ab3
SHA1

2c7d3184ca16272c7c948b420012e3b2b2936093
SHA256

26787bde902d8f71d1065528138cecf606d3fae469451b508b851ec17116c48b
SHA512

c7c49a4b882557f8b7a171e67a6144fc4847d2baf28c725945816f2f8d3c8c6daec6ac92ca04fe8f0794a6c6209963e2b838b3f7238a006984a4591e2ea0d51f
SSDEEP

6144:1gINwpbO5+g0QruhKCV5Lec/y1uSwWN+AGHEU8/+OFp3edGcH7FE+xC7bmplDDN:1Nn+g0YK/KuSwdVHEcOFxedbFEQ

Score

N/A

Malware Config

Signatures

Files

26787bde902d8f71d1065528138cecf606d3fae469451b508b851ec17116c48b
.exe windows x86

b57bc9038f88c44d34da604d7c944c75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

CreateCompatibleBitmap
LineTo
SetROP2
CreateFontIndirectW
CreateSolidBrush
SetBkMode
SetBrushOrgEx
BitBlt
SelectPalette
Arc
SetTextColor
StretchBlt
CreateCompatibleDC
RealizePalette
SetStretchBltMode
GetObjectW

ole32

CoRegisterClassObject
StringFromCLSID
CoInitialize
CoTaskMemFree
FreePropVariantArray
CoAllowSetForegroundWindow
CreateStreamOnHGlobal

msvcrt

realloc
wcsncpy
__set_app_type
??1type_info@@UAE@XZ
_adjust_fdiv
__RTDynamicCast
__setusermatherr
_cexit
_exit
_initterm

shell32

ShellExecuteW
ExtractIconExW
SHGetPathFromIDListW
ord16
SHGetFileInfoW
ord152
SHParseDisplayName

shlwapi

PathRemoveFileSpecW
wnsprintfW
ord186
StrCpyNW

gdiplus

GdipImageRotateFlip
GdipGetImageDecodersSize
GdipGetImageHeight
GdiplusShutdown
GdipLoadImageFromFile
GdipGetImageEncoders
GdiplusStartup

user32

OffsetRect
GetWindowTextLengthW
SetCursor
ReleaseDC
SetFocus
InflateRect
IsWindowEnabled
GetLastActivePopup
GetDC
CopyIcon
GetForegroundWindow
ShowWindow
GetClassInfoW
DispatchMessageW
EnableWindow
CharNextW
SetDlgItemTextW
SendMessageW
GetWindowRect
IntersectRect
GetWindowThreadProcessId
ReleaseCapture
DefWindowProcW
LoadIconW
SendDlgItemMessageW
GetPropW
CallWindowProcW
wsprintfW
WinHelpW
MessageBeep
PostMessageW
TranslateAcceleratorW
RemovePropW

advapi32

RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
OpenSCManagerW

kernel32

WaitForSingleObject
GetTickCount
CreateProcessW
FindFirstFileW
GetModuleFileNameW
MoveFileW
GetShortPathNameW
FindResourceW
GetCurrentProcess
HeapDestroy
CreateDirectoryW
GetWindowsDirectoryW
GetTickCount
CloseHandle
FindClose
GetProcAddress
GetDateFormatW
GetLastError
lstrlenW
QueryPerformanceCounter
GlobalAlloc
UnhandledExceptionFilter
GetModuleHandleA
DuplicateHandle
GetHandleInformation
TerminateProcess
ReleaseMutex
lstrcpyW
CreateEventA
WaitForSingleObject
VirtualAllocEx
LeaveCriticalSection
InterlockedDecrement

Sections

.text
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b57bc9038f88c44d34da604d7c944c75

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

ole32

msvcrt

shell32

shlwapi

gdiplus

user32

advapi32

kernel32

Sections

.text Size: 404KB - Virtual size: 404KB

.data Size: 31KB - Virtual size: 31KB

.rsrc Size: 6KB - Virtual size: 328KB

.text
Size: 404KB - Virtual size: 404KB

.data
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 6KB - Virtual size: 328KB