cf2f5ea6f9f0d48a7308710c0faafb72f662f40af81a4848061d190546705e5e

Sharing

Copy URL Twitter E-mail

General

Target

cf2f5ea6f9f0d48a7308710c0faafb72f662f40af81a4848061d190546705e5e
Size

135KB
MD5

5136b9588979e0749eac8780254b2541
SHA1

cf57ff1c973ce0eecc94d6309948273c2b8d9e02
SHA256

cf2f5ea6f9f0d48a7308710c0faafb72f662f40af81a4848061d190546705e5e
SHA512

4f414adf62680c1bb1a790acfefc294c987ef226ae7558647cfde249fcec3ae6472b600be61b268ef17680f597b4780e65a51f26e40377374399b427c6f9f606
SSDEEP

3072:doHezQ9vPw6nEC1fIhcT7kWhM2wk4/2x+rDa:IzFGcTdbwd

Score

N/A

Malware Config

Signatures

Files

cf2f5ea6f9f0d48a7308710c0faafb72f662f40af81a4848061d190546705e5e
.exe windows x86

25308472ed10a2161e829c4a104c00c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy

shlwapi

StrDupW
StrCmpNA
ord155
SHRegGetPathW
SHRegEnumUSKeyA
StrFormatByteSizeA

shell32

ord103
SHGetFolderPathA

kernel32

LoadLibraryA
GetSystemInfo
lstrcmpiW
lstrcatW
GetTempPathA
GetFileSize
SearchPathW
SetFilePointer
PeekNamedPipe
SetEndOfFile
GetProcAddress
SetFileShortNameW
CopyFileW
HeapDestroy
GetNamedPipeInfo
GetBinaryTypeW
FindClose
_hwrite
GlobalMemoryStatusEx
WaitForMultipleObjects
GetThreadPriority
WaitCommEvent
GetCurrentThreadId
ReleaseMutex
FindAtomW
lstrcpyA
lstrcmpiA
GetSystemTimeAdjustment
GetModuleHandleW
FindResourceA
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
_lcreat
DosDateTimeToFileTime
FileTimeToDosDateTime
FindResourceExW

user32

RemovePropW
EnumPropsW
EndPaint
GetWindow
SetWindowPos
CreateIconFromResource
CharUpperBuffA
IsCharAlphaNumericW
CharUpperA
MapDialogRect
SetActiveWindow
PrivateExtractIconsW
SetWindowPlacement
DeleteMenu
InvalidateRgn
SendMessageA
GetMenuItemInfoW
BeginPaint
TranslateMessage
LockWindowUpdate
GetCursorInfo
SetPropA
SetScrollPos
PeekMessageA
ReleaseDC
TranslateAcceleratorA
GetWindowRgn
LoadAcceleratorsA
SetWindowTextW
LoadCursorFromFileA
GetDC
GetDesktopWindow
PostMessageW
GetPropW
DispatchMessageA

gdi32

UpdateColors
SetTextCharacterExtra
OffsetClipRgn
AngleArc
SetBkColor
LineTo
Polyline
GetSystemPaletteEntries
GetTextExtentPointA
CreateScalableFontResourceA
SetBoundsRect
DeleteDC
ExcludeClipRect
CreateDCW
GetCharWidthW
CreateCompatibleBitmap
GetBitmapBits

advapi32

IsValidSid
EqualSid
PrivilegedServiceAuditAlarmA
ObjectCloseAuditAlarmW
EqualPrefixSid

Exports

Exports

_Copy_Bmp@12
_Create_Bmp@12
_Set_Bmp@12
_Update_Bmp@12

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vars
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IMPORT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 686B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25308472ed10a2161e829c4a104c00c0

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.code Size: 4KB - Virtual size: 3KB

.data Size: - Virtual size: 160B

.vars Size: 512B - Virtual size: 404B

.zero Size: 512B - Virtual size: 512B

IMPORT Size: 3KB - Virtual size: 3KB

.rsrc Size: 116KB - Virtual size: 115KB

.reloc Size: 1024B - Virtual size: 686B

.text
Size: 9KB - Virtual size: 8KB

.code
Size: 4KB - Virtual size: 3KB

.data
Size: - Virtual size: 160B

.vars
Size: 512B - Virtual size: 404B

.zero
Size: 512B - Virtual size: 512B

IMPORT
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 1024B - Virtual size: 686B