d1d1a3d3f03e1a81f44b0cbbcd2dbd4198be853c0cf54a40ec091397f057dc81

Sharing

Copy URL Twitter E-mail

General

Target

d1d1a3d3f03e1a81f44b0cbbcd2dbd4198be853c0cf54a40ec091397f057dc81
Size

508KB
MD5

19e4dada574e0161ef4b0f7933f3a4fb
SHA1

810a5f28f070d430f9e971796c37066df3964171
SHA256

d1d1a3d3f03e1a81f44b0cbbcd2dbd4198be853c0cf54a40ec091397f057dc81
SHA512

40295b93e2b92395a393b52b20f3401bd67b4a4cdc40c429dde403c341c3d1dafbaa3c805c664e6625bd820f2a20d166e37156f4bf0985e9917babff7cea1642
SSDEEP

6144:yg10Sfwm3BaTLMP1qO3gcrmu8gaCRaDYXOlKByNm3J6o9e96/YTwRTFQcLjeEAUq:lf33BIgwcrmuja58+Esy3UuY8BPNHdO

Score

N/A

Malware Config

Signatures

Files

d1d1a3d3f03e1a81f44b0cbbcd2dbd4198be853c0cf54a40ec091397f057dc81
.exe windows x86

34332992b4152767ad3ae5e2bd1f6127

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolderW
ShellHookProc
ShellExecuteExW

user32

ValidateRgn
EnableMenuItem
GetPriorityClipboardFormat
RegisterClassA
DispatchMessageW
EnumClipboardFormats
wvsprintfW
RegisterClassExA
SwapMouseButton

comctl32

InitCommonControlsEx

comdlg32

GetSaveFileNameA
ChooseFontA

kernel32

LoadLibraryExA
WaitForDebugEvent
CompareStringW
GetConsoleMode
TlsAlloc
WideCharToMultiByte
SetFilePointer
TlsSetValue
HeapAlloc
GetOEMCP
TlsGetValue
LCMapStringW
CreateMutexA
IsBadWritePtr
GetCurrentProcess
GetStartupInfoA
CompareStringA
GetLocaleInfoA
GetCurrentThread
IsValidCodePage
FreeEnvironmentStringsW
VirtualProtectEx
GetTimeFormatA
HeapCreate
UnhandledExceptionFilter
LCMapStringA
SetUnhandledExceptionFilter
GetFileType
GetACP
CreateFileA
EnumSystemLocalesA
GetSystemTimeAsFileTime
HeapSize
GetLastError
GetModuleHandleA
GetModuleFileNameA
GetShortPathNameW
InterlockedIncrement
GetStringTypeA
GetTickCount
InitializeCriticalSectionAndSpinCount
WriteConsoleW
GetStartupInfoW
VirtualQuery
CloseHandle
FreeLibrary
ExitProcess
GetLocalTime
LoadLibraryA
HeapDestroy
ReadFile
OpenMutexA
GetStringTypeW
GlobalReAlloc
SetStdHandle
SetConsoleCtrlHandler
WriteConsoleA
VirtualAlloc
GetCurrentProcessId
IsDebuggerPresent
VirtualFree
TlsFree
GetTimeZoneInformation
GetDateFormatA
InterlockedExchange
DeleteCriticalSection
HeapReAlloc
GetStdHandle
HeapFree
GetCPInfo
Sleep
RtlUnwind
SetLastError
GetProfileStringA
FlushFileBuffers
GetModuleFileNameW
QueryPerformanceCounter
SetEnvironmentVariableA
WriteFile
GetCurrentThreadId
InterlockedDecrement
GetShortPathNameA
GetConsoleOutputCP
GetCommandLineW
IsValidLocale
GetEnvironmentStringsW
LeaveCriticalSection
GetCommandLineA
GetProcAddress
GetLocaleInfoW
MultiByteToWideChar
GetConsoleCP
GetUserDefaultLCID
EnterCriticalSection
GetModuleHandleW
TerminateProcess
SetHandleCount

Sections

.text
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34332992b4152767ad3ae5e2bd1f6127

Headers

File Characteristics

Imports

shell32

user32

comctl32

comdlg32

kernel32

Sections

.text Size: 336KB - Virtual size: 336KB

.rdata Size: 52KB - Virtual size: 83KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 336KB - Virtual size: 336KB

.rdata
Size: 52KB - Virtual size: 83KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 13KB - Virtual size: 12KB