61408bab1c0d8ec254baa56cef3718a2573eb5c7b005e092193b18ccfba0165a

Sharing

Copy URL Twitter E-mail

General

Target

61408bab1c0d8ec254baa56cef3718a2573eb5c7b005e092193b18ccfba0165a
Size

45KB
MD5

8483212359bed068c5411885d8a6e2b0
SHA1

22ad4453d45be2e0c4037de2d33b3ea1431de46d
SHA256

61408bab1c0d8ec254baa56cef3718a2573eb5c7b005e092193b18ccfba0165a
SHA512

30682081a2cf06d4b09aaa91db7546f8aada07fe61de5ba5732f566a8c94029850c630295208f7a197690ae831056b1d90bf1702274c718ded4396bea1bba038
SSDEEP

768:1TDzPDfVpZqmudRP+m/t4JfJpbkAkMFo2VTabJPex:1TDnVWddRGfJpkAkojabJPe

Score

N/A

Malware Config

Signatures

Files

61408bab1c0d8ec254baa56cef3718a2573eb5c7b005e092193b18ccfba0165a
.exe windows x86

1fc73c61ea41a0e561aabd0acbe2dc89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowA
DdeUninitialize
DdeClientTransaction
GetWindow
SetPropA
GetPropA
GetWindowThreadProcessId
DdeQueryNextServer
DdeConnectList
LoadStringA
GetClassNameA
GetDesktopWindow
DdeInitializeA
DdeFreeStringHandle
DdeCreateStringHandleA
DdeDisconnectList
wvsprintfA
CharNextA
GetLastActivePopup
SetForegroundWindow
wsprintfA
GetDlgItem
PeekMessageA
DispatchMessageA
SendDlgItemMessageA
GetClientRect
DestroyWindow
CreateDialogParamA
SetDlgItemTextA
GetSystemMenu
EnableMenuItem
LoadCursorA
SetCursor
SystemParametersInfoA
GetDC
ReleaseDC
GetSystemMetrics
MessageBoxA

kernel32

GlobalLock
LocalFree
OpenFile
Sleep
ord18
GlobalAlloc
GetPrivateProfileSectionA
GlobalFree
FindFirstFileA
FindClose
CreateFileA
WriteFile
lstrcatA
GetModuleFileNameA
GetPrivateProfileIntA
lstrlenA
DeleteFileA
SetFileAttributesA
GetLastError
MoveFileA
CloseHandle
lstrcpyA
LocalAlloc
lstrcpynA
GetDriveTypeA
MulDiv
WritePrivateProfileStringA
lstrcmpiA
WinExec
GetWindowsDirectoryA
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
_llseek
_lread
_lclose
_lopen
GetPrivateProfileStringA
lstrcmpA

gdi32

GetTextExtentPointA
GetTextExtentExPointA
GetDeviceCaps

shell32

ord34
ord49
ord162
ord164
ord64
ord35
ord94
SHAddToRecentDocs
ord23
ord96
SHGetSpecialFolderLocation
ord196
ord195
ShellExecuteEx
ord51
ord157
ord37
ord58
ord119
ord36
ord29
ord175
ord155
ord163
ord45
ord171
SHGetPathFromIDList
ord25
ord128
ord33
ord57
ord31
ord89
ord63
ord32
ord52
ord165
ord79

comctl32

ord324
ord321
ord233
ord234
ord326
ord73
ord323
ord320
ord17
ord357

advapi32

RegOpenKeyA
RegSetValueExA
RegQueryValueExA
RegSetValueA
RegCreateKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 32KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fc73c61ea41a0e561aabd0acbe2dc89

Headers

File Characteristics

Imports

user32

kernel32

gdi32

shell32

comctl32

advapi32

version

Sections

.text Size: 32KB - Virtual size: 35KB

.data Size: 1KB - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 35KB

.data
Size: 1KB - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB