b8a97bf933023010504367100720f7ce3ec071c0b8aec85b1a42e1d5f9ce344c

Sharing

Copy URL Twitter E-mail

General

Target

b8a97bf933023010504367100720f7ce3ec071c0b8aec85b1a42e1d5f9ce344c
Size

138KB
MD5

93500219153905adc62312d9257837a0
SHA1

4d0bd4f2599e0d55eb1e32cf296b20e8b2080a1d
SHA256

b8a97bf933023010504367100720f7ce3ec071c0b8aec85b1a42e1d5f9ce344c
SHA512

3225ab414e4029ed64a021fe6d8700ff952a807a0397579660728415ba0aeb6cad601cda3a2dce4a5729315889392ded220895adfe6fa04468543024f0cc8f9b
SSDEEP

3072:2EsewpSxEOSCTH5LrdesHlfEBps9U4a1G5343qXwVbp8FsxE1:5Y0rxZEBObX943qXwVxS

Score

N/A

Malware Config

Signatures

Files

b8a97bf933023010504367100720f7ce3ec071c0b8aec85b1a42e1d5f9ce344c
.exe windows x86

cbea07554774a287e4ddb1561953ed5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_controlfp
sin
__p__fmode
log10
_except_handler3
_XcptFilter
_initterm
__set_app_type
exit
wcschr
_open_osfhandle
memcmp
__p___initenv
_acmdln
rename
strstr
ungetc
__p__commode
__setusermatherr
_adjust_fdiv
__mb_cur_max
__getmainargs

kernel32

CreateProcessA
lstrcpyA
lstrlenA
SetLastError
GetStringTypeExA
VirtualFree
GetStartupInfoA
FileTimeToSystemTime
GetModuleHandleA
IsBadCodePtr
SetStdHandle
IsDBCSLeadByte
VirtualProtect
DeleteFileW

user32

DrawIcon
wsprintfA
DestroyWindow
EmptyClipboard
SetWindowsHookExA
RegisterClipboardFormatA
OffsetRect
SetWindowPos
ShowOwnedPopups
GetCapture

gdi32

Rectangle
GetRgnBox
PlayEnhMetaFile
DeleteEnhMetaFile
GetMetaFileBitsEx
GetWinMetaFileBits
CreateEllipticRgn
SetPolyFillMode
PatBlt

ole32

CreateILockBytesOnHGlobal
RevokeDragDrop
StgOpenStorageOnILockBytes
GetRunningObjectTable
IsAccelerator
OleSetClipboard
DoDragDrop
IIDFromString
CLSIDFromProgID
CoTaskMemRealloc
OleDraw

oleaut32

VariantCopy
SysFreeString
SafeArrayPtrOfIndex
SysStringLen
SafeArrayGetElement
VariantClear
GetErrorInfo
GetActiveObject
SafeArrayGetUBound

version

VerInstallFileA
VerQueryValueW
VerInstallFileW
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerFindFileW

comctl32

CreatePropertySheetPageW
ImageList_BeginDrag
ImageList_GetBkColor
ImageList_EndDrag
CreateStatusWindowA
ImageList_LoadImageW
ImageList_Read
DestroyPropertySheetPage
ImageList_GetImageInfo
InitializeFlatSB
ImageList_GetIcon

advapi32

SetSecurityDescriptorDacl
FreeSid
OpenSCManagerA
LookupPrivilegeValueW
CryptCreateHash
RegFlushKey
OpenServiceA
OpenSCManagerW
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA

shell32

SHGetSettings
SHBrowseForFolderW

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbea07554774a287e4ddb1561953ed5b

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

ole32

oleaut32

version

comctl32

advapi32

shell32

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 103KB - Virtual size: 102KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 103KB - Virtual size: 102KB