85778566ff8f6980ac990b27cffe944de6930b952c10ace4f510dddf6a27df65

Sharing

Copy URL Twitter E-mail

General

Target

85778566ff8f6980ac990b27cffe944de6930b952c10ace4f510dddf6a27df65
Size

266KB
MD5

5dded37c186955415278fb13e129791d
SHA1

c248619000e3b6902855668d2907881d1a4fe5fd
SHA256

85778566ff8f6980ac990b27cffe944de6930b952c10ace4f510dddf6a27df65
SHA512

f3c9e98006bab7ca72df441771eb01a61c2bca553f7073418d159fa4a2242807f5d395235c989d27efb40c43c23dd714322bca2965486bbe7cf971083684919d
SSDEEP

1536:NXJexoJqZFTY5pP2NBckKnCJ7DZ1AuKmmmmmmmmmmmmmmmmmmmmSmmmmmmmmmmmr:9JeIUukKCJ7/vokay+EJS9FrQeAvLw

Score

N/A

Malware Config

Signatures

Files

85778566ff8f6980ac990b27cffe944de6930b952c10ace4f510dddf6a27df65
.exe windows x86

4d702e53989dc5d47874eeffa75e08c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AnyPopup
GetKeyboardLayoutNameW
GetUserObjectInformationA
GetComboBoxInfo
GetAltTabInfoA

comdlg32

ChooseColorA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
GetUserNameA
CopySid
GetLengthSid
RegCreateKeyA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyExA

gdi32

GetTextMetricsA
SetTextColor
SetBkMode
CreateFontA
RealizePalette
SetICMMode
GetWindowOrgEx
CombineTransform
RoundRect
GetDeviceCaps
GetGraphicsMode
GetCharWidthFloatW
CreateSolidBrush
GetCharABCWidthsFloatA
ExtTextOutW
GetBkMode
GetCharacterPlacementW
ExtTextOutA
CreatePalette
SelectPalette

kernel32

GetACP
VirtualAlloc
GetFileType
GlobalDeleteAtom
GetExitCodeThread
SetFilePointerEx
SetLastError
CloseHandle
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetFilePointer
FlushFileBuffers
GetLastError
LoadLibraryA
GetProcAddress
HeapReAlloc
GetOEMCP
GetCPInfo
HeapAlloc
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleHandleA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
WinExec
Sleep
SetUnhandledExceptionFilter
GetModuleHandleW
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
IsValidCodePage
HeapSize
GetLocaleInfoA

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d702e53989dc5d47874eeffa75e08c2

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

advapi32

gdi32

kernel32

Sections

.text Size: 39KB - Virtual size: 39KB

.rdata Size: 133KB - Virtual size: 133KB

.data Size: 23KB - Virtual size: 69KB

.rsrc Size: 69KB - Virtual size: 69KB

.text
Size: 39KB - Virtual size: 39KB

.rdata
Size: 133KB - Virtual size: 133KB

.data
Size: 23KB - Virtual size: 69KB

.rsrc
Size: 69KB - Virtual size: 69KB