eb248dabbca1fced6efb7e07803cabde18737b9193c877b8dff55287c0f73a4b

Sharing

Copy URL Twitter E-mail

General

Target

eb248dabbca1fced6efb7e07803cabde18737b9193c877b8dff55287c0f73a4b
Size

179KB
MD5

83271ea1b867dbb5e83ffc48180af1df
SHA1

651c95c17c4b2831251cf16046b562b0e255dc9a
SHA256

eb248dabbca1fced6efb7e07803cabde18737b9193c877b8dff55287c0f73a4b
SHA512

0c57d6d34279d93eacc1c782c48316c631b80820ce519472163a4d076824dd243bb5176812385d3bfda9e3680b142e78b60f16968d2d710255da735479e2e728
SSDEEP

3072:TseNULO2TXU7d/kmeFXrGN0NMi5PrUR+sTYQaveG6y/b+JkarU6Xxov4MBffTyCu:TseNcO2LU7d/yRlnw+sTYQuB6mb/arU+

Score

N/A

Malware Config

Signatures

Files

eb248dabbca1fced6efb7e07803cabde18737b9193c877b8dff55287c0f73a4b
.exe windows x86

49bcbd29c246a80f4913f020eecb4100

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
VirtualFree
GetCurrentProcessId
ReadFile
FindResourceA
GetTickCount
EnterCriticalSection
MulDiv
GetCommandLineA
SetLastError
ResetEvent
GetStringTypeW
HeapDestroy
HeapAlloc
SetHandleCount
GetLocaleInfoA
GetCurrentThreadId
LocalAlloc
DeleteFileA
CreateEventA
LoadLibraryExA
GetFileAttributesA
LoadLibraryA
GetLocalTime
GetACP
GetOEMCP
VirtualQuery
CloseHandle
GlobalFindAtomA
GetLastError
GetDateFormatA
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
lstrcpyA
GetUserDefaultLCID
MoveFileExA
MoveFileA
CreateThread
WaitForSingleObject
LocalFree
GetStringTypeA
lstrcmpiA
lstrlenA
SetEvent
GetSystemDefaultLangID
GetStartupInfoA
GetFileSize
lstrcatA
GetProcAddress
LockResource
SizeofResource
GetCPInfo
CompareStringA
GetFullPathNameA
GetVersion
GetCurrentThread
GetProcessHeap
GetThreadLocale
ExitThread
Sleep
SetEndOfFile
GetModuleFileNameA
GlobalDeleteAtom
GetModuleHandleA
VirtualAlloc
lstrcmpA
GetDiskFreeSpaceA
ExitProcess
VirtualAllocEx
GetCurrentProcess
LoadResource
FreeResource
RaiseException
GetStdHandle

msvcrt

malloc
wcschr
wcstol
calloc
memset
tolower
rand
time
memcpy
strncmp
sqrt
exit
memmove
strcmp
swprintf

shell32

Shell_NotifyIconA
SHGetDesktopFolder
SHGetFileInfoA
SHGetFolderPathA
SHGetDesktopFolder
SHFileOperationA
SHGetFileInfoA
DragQueryFileA
Shell_NotifyIconA

ole32

CoFreeUnusedLibraries
OleRegGetUserType
CreateBindCtx
CreateOleAdviseHolder
CoUnmarshalInterface
StgCreateDocfileOnILockBytes
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoReleaseMarshalData
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
StgOpenStorage
CoDisconnectObject
WriteClassStm
StringFromIID
CoCreateInstanceEx

comdlg32

ChooseColorA
GetFileTitleA
FindTextA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

advapi32

RegOpenKeyA
RegOpenKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumValueA
RegCreateKeyExA
GetLengthSid
RegEnumKeyA

version

GetFileVersionInfoA
VerFindFileA
VerQueryValueA

gdi32

CreatePalette
GetBitmapBits
CreateBrushIndirect
GetDIBColorTable
SetBkColor
RestoreDC
GetBitmapBits
SetPixel

comctl32

ImageList_Add
ImageList_Destroy
ImageList_Create
ImageList_DrawEx
ImageList_Add
ImageList_Destroy
ImageList_Write
ImageList_Read
ImageList_DragShowNolock
ImageList_Draw
ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_Draw
ImageList_Create
ImageList_Add
ImageList_GetBkColor
ImageList_DrawEx
ImageList_Write
ImageList_Destroy
ImageList_Read
ImageList_Destroy

shlwapi

SHStrDupA
SHSetValueA
SHGetValueA
PathIsDirectoryA
SHEnumValueA
SHSetValueA
PathGetCharTypeA
PathIsContentTypeA
SHStrDupA
PathGetCharTypeA

oleaut32

VariantCopyInd
SafeArrayCreate
SysReAllocStringLen
SysStringLen
SysAllocStringLen
GetErrorInfo
SafeArrayPtrOfIndex
SysFreeString
OleLoadPicture
SafeArrayGetElement

ntdll

atol
atoi
wcscat
_wcsnicmp
RtlDeleteCriticalSection

user32

GetKeyNameTextA
DrawMenuBar
GetActiveWindow
GetMenu
GetDC
GetWindowTextA
DrawFrameControl
CreatePopupMenu
CreateMenu
ShowWindow
GetClassInfoA
GetCursor
DrawEdge
MessageBoxA
DeferWindowPos
FindWindowA
SetWindowLongA
GetMessagePos
GetCapture
GetClipboardData
IsDialogMessageA
ShowScrollBar
EnumThreadWindows
HideCaret
ClientToScreen
GetMenuItemID
BeginPaint
GetIconInfo
GetParent
CallNextHookEx
SetTimer
CheckMenuItem
DrawTextA
GetSysColorBrush
EndDeferWindowPos
GetDlgItem
GetKeyState
IsWindowVisible
DrawIcon
SetCursor
GetWindow
DefWindowProcA
DispatchMessageW
EnumWindows
CharLowerA
FillRect
EqualRect
DefFrameProcA
GetScrollInfo
EnableWindow
CallWindowProcA
EnumChildWindows
GetSysColor
GetClientRect
IsChild
GetMenuStringA
GetClassLongA
EnableMenuItem
GetScrollPos
CharLowerBuffA
DefMDIChildProcA
IsWindowEnabled
SystemParametersInfoA
GetFocus
GetLastActivePopup
DrawIconEx
IsMenu
GetForegroundWindow
RegisterClassA
SetWindowTextA
CharNextA
GetCursorPos
TrackPopupMenu
GetMenuItemInfoA
GetMenuState
DispatchMessageA
EndPaint
GetPropA
EnableScrollBar
BeginDeferWindowPos

Sections

CODE
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 113KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49bcbd29c246a80f4913f020eecb4100

Headers

File Characteristics

Imports

kernel32

msvcrt

shell32

ole32

comdlg32

advapi32

version

gdi32

comctl32

shlwapi

oleaut32

ntdll

user32

Sections

CODE Size: 56KB - Virtual size: 56KB

.idata Size: 113KB - Virtual size: 177KB

INIT Size: 8KB - Virtual size: 7KB

CODE
Size: 56KB - Virtual size: 56KB

.idata
Size: 113KB - Virtual size: 177KB

INIT
Size: 8KB - Virtual size: 7KB