16a529fc0e1646a9db37e81a26a045ee60169c960ceece89de2f9d1d441a899a

Sharing

Copy URL Twitter E-mail

General

Target

16a529fc0e1646a9db37e81a26a045ee60169c960ceece89de2f9d1d441a899a
Size

388KB
MD5

0ac652f1ebc9625c8e75671b32ad9240
SHA1

d3a4eb37f033dc76ddbe4e0a1b4ccd2c7aac95c9
SHA256

16a529fc0e1646a9db37e81a26a045ee60169c960ceece89de2f9d1d441a899a
SHA512

b2d23d40f17f54d351af161476563f3fcd7fd9e202c2b5cc562c3da911fbe6817e918d184b87e55aa6b780733de9beb57c8528c19815fba94b9ffd8fe78044e1
SSDEEP

12288:ReXpPsu3CVkmAu7HswMHWa4cUnS5jBrpG7O:RepR3CDAursL2anP5n

Score

N/A

Malware Config

Signatures

Files

16a529fc0e1646a9db37e81a26a045ee60169c960ceece89de2f9d1d441a899a
.exe windows x86

a9568a9538c8c37314ed0094cb7cd858

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsA
CloseHandle
lstrcpyA
SetEndOfFile
HeapSize
CreateFileA
FlushFileBuffers
HeapReAlloc
LoadLibraryW
SetFilePointer
WriteConsoleW
FindNextFileA
MultiByteToWideChar
LCMapStringW
CreateFileW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThread
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
SetConsoleMode
ReadConsoleW
Sleep
HeapCreate
GetModuleFileNameW
ExitProcess
DeleteCriticalSection
SetHandleCount
IsProcessorFeaturePresent
GetConsoleMode
EnterCriticalSection
GetLastError
FindFirstFileA
GetStdHandle
InitializeCriticalSection
LeaveCriticalSection
GetStringTypeW
GetProcessHeap
GetConsoleCP
WideCharToMultiByte
WriteFile
GetFileType
SetStdHandle
GetProcAddress
GetCurrentThreadId
SetLastError
GetModuleHandleW
ReadFile
TlsFree
TlsSetValue
GetTickCount
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
EncodePointer
DecodePointer
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue

user32

SetPropA
GetWindow
EndDeferWindowPos
SetWindowTextW
DestroyWindow
GetSystemMenu
GetWindowRect
FillRect
GetTopWindow
SetCapture
KillTimer
GetSubMenu
GetParent
LoadMenuA
LoadCursorW
GetClientRect
SendMessageA
DialogBoxParamA
GetUpdateRect
GetDC
GetMenu
BeginPaint
EnableMenuItem
IsWindowUnicode
GetDlgItem
ShowWindow
GetSysColorBrush
GetMenuItemCount
IsWindow
CreateWindowExW
DeferWindowPos
ReleaseCapture
BeginDeferWindowPos
MapWindowPoints
UpdateWindow
DestroyMenu
FindWindowA

gdi32

AddFontResourceA
ExtFloodFill
CreateDIBSection
DeleteObject
SelectObject
Polyline
GetStockObject
MoveToEx

comdlg32

ChooseFontA

ole32

CoCreateInstance
CoUninitialize
CoInitialize
RegisterDragDrop

oleaut32

SysAllocString
VariantInit
VariantClear

shlwapi

StrStrIA

comctl32

ImageList_Draw

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9568a9538c8c37314ed0094cb7cd858

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

ole32

oleaut32

shlwapi

comctl32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 295KB - Virtual size: 294KB

.data Size: 14KB - Virtual size: 21KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 295KB - Virtual size: 294KB

.data
Size: 14KB - Virtual size: 21KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 7KB - Virtual size: 7KB