3d8b25f2db5bb7311f6e73efb583f0cb25d0a2d92ed051b8741a5a2907140151

Sharing

Copy URL

Twitter E-mail

General

Target

3d8b25f2db5bb7311f6e73efb583f0cb25d0a2d92ed051b8741a5a2907140151
Size

668KB
MD5

faed0e9cac911c660724770e310a7990
SHA1

6f05fb543831c25b5f4d8746edbf9a26eb99d625
SHA256

3d8b25f2db5bb7311f6e73efb583f0cb25d0a2d92ed051b8741a5a2907140151
SHA512

dca1810bde549e4fb2f322e05132501502136c0c74f13d6008a50359f39b37d06b0b58192e31f6fe13868a571d1a78ea6bfc585be77a760800eb7d92b2a884b6
SSDEEP

12288:tW95NVZfszEZgYbiBye1KBsWt1r1/6YGfm9FBmlse+sLnQn1cW/n:tMdZEVBD1KSah1915q0WnAcWv

Score

N/A

Malware Config

Signatures

Files

3d8b25f2db5bb7311f6e73efb583f0cb25d0a2d92ed051b8741a5a2907140151
.exe windows x86

2d78564dfa5d87b328c7a5551b1e0f4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DuplicateTokenEx
RegOpenKeyExA
CreateProcessAsUserA
RegQueryValueExA
RegDeleteKeyA
ConvertStringSidToSidA
SetTokenInformation
RegDeleteValueA
RegCreateKeyA

user32

DefWindowProcA
MessageBoxA
ShowWindow
DestroyWindow
RegisterClassExA
LoadStringA
RegisterClassA
LoadCursorA
CreateWindowExA
LoadBitmapA

shlwapi

PathQuoteSpacesA
PathIsRelativeA
PathFindFileNameA
PathRemoveExtensionA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
PathAddBackslashA
PathFileExistsA

comdlg32

ReplaceTextA
GetSaveFileNameA
FindTextA

gdi32

IntersectClipRect
SetColorAdjustment
GetBitmapBits
ExtTextOutA
EnumMetaFile
GetTextFaceA
GetBkMode
CreateBrushIndirect
CreateFontA
SetMapperFlags
SelectClipRgn
GetNearestColor
PlayMetaFileRecord
GetObjectA
PolyDraw
CreateDIBitmap
CreateBitmapIndirect
GetArcDirection
SetWindowExtEx
PtInRegion
GetObjectType
Rectangle
ArcTo
GetNearestPaletteIndex
PatBlt
StretchDIBits
BitBlt
ResetDCA
Escape
CreateDIBPatternBrushPt
DeleteObject
CreateBitmap

kernel32

GetTimeFormatA
GetStringTypeW
VirtualQuery
DebugBreak
GetCurrentProcessId
LoadLibraryA
SetLastError
WriteConsoleA
CreateMutexA
GetConsoleOutputCP
GetFileType
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
Sleep
GetEnvironmentStrings
SetStdHandle
GetConsoleCP
GetStdHandle
TlsFree
HeapReAlloc
GetModuleHandleA
IsBadReadPtr
ExitProcess
CloseHandle
GetStringTypeA
GetACP
TlsSetValue
InterlockedIncrement
TerminateProcess
GetTimeZoneInformation
GetProcAddress
RtlUnwind
WriteConsoleW
OutputDebugStringW
LoadLibraryW
TlsAlloc
MultiByteToWideChar
LCMapStringW
SetConsoleCtrlHandler
GetCurrentThreadId
GetStartupInfoA
IsDebuggerPresent
QueryPerformanceCounter
LCMapStringA
HeapSize
VirtualAlloc
RaiseException
WriteFile
UnhandledExceptionFilter
HeapDestroy
GetCPInfo
FlushFileBuffers
CompareStringW
InitializeCriticalSectionAndSpinCount
VirtualFree
SetEnvironmentVariableA
InterlockedDecrement
GetEnvironmentStringsW
SetHandleCount
GetModuleHandleW
FreeEnvironmentStringsW
HeapFree
IsValidCodePage
GetModuleFileNameW
HeapAlloc
GetCommandLineA
CompareStringA
WaitForSingleObject
LocalFree
HeapValidate
ReadFile
GetOEMCP
SetUnhandledExceptionFilter
CreateFileA
SetFilePointer
OutputDebugStringA
GetConsoleMode
InterlockedExchange
GetLocaleInfoA
GetCurrentProcess
GetSystemTimeAsFileTime
GetModuleFileNameA
FreeEnvironmentStringsA
GetDateFormatA
GetLastError
HeapCreate
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
TlsGetValue

ole32

StgOpenStorageOnILockBytes
CoDisconnectObject
OleSetMenuDescriptor
CoCreateInstance
CreateILockBytesOnHGlobal
OleCreate
OleSetContainedObject
OleRegGetUserType
CoTaskMemFree
WriteClassStm
CreateStreamOnHGlobal
OleUninitialize
OleRegEnumVerbs
OleCreateFromFile
ReleaseStgMedium
OleCreateLinkFromData
CreateItemMoniker
OleSaveToStream
OleRegGetMiscStatus
OleCreateFromData
StgIsStorageFile
CreateBindCtx
OleGetClipboard
CLSIDFromString
OleSave
StgCreateDocfileOnILockBytes
OleGetIconOfClass
WriteClassStg
OleInitialize
OleCreateLinkToFile

Sections

.text
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d78564dfa5d87b328c7a5551b1e0f4f

Headers

File Characteristics

Imports

advapi32

user32

shlwapi

comdlg32

gdi32

kernel32

ole32

Sections

.text Size: 224KB - Virtual size: 221KB

.rdata Size: 284KB - Virtual size: 283KB

.data Size: 72KB - Virtual size: 98KB

.rsrc Size: 84KB - Virtual size: 80KB

.text
Size: 224KB - Virtual size: 221KB

.rdata
Size: 284KB - Virtual size: 283KB

.data
Size: 72KB - Virtual size: 98KB

.rsrc
Size: 84KB - Virtual size: 80KB