8f1b1814a1ba0dbae1d6230f2e2547f53a936d6855615a246f8ca259d57818b4

General

Target

8f1b1814a1ba0dbae1d6230f2e2547f53a936d6855615a246f8ca259d57818b4
Size

294KB
MD5

830743c41d3c9bd30c3a0407a4d62be0
SHA1

29147f2e38530b9948c2a4a170cd9e98d262527b
SHA256

8f1b1814a1ba0dbae1d6230f2e2547f53a936d6855615a246f8ca259d57818b4
SHA512

26aa032659756abec820d94e2a35b0904714c6fe9439dad27f2ea3749b7071b321d9a560253dda36a2f15e38e16c05c4dc2db69755834fc3469c45068c9ee871
SSDEEP

6144:OA3IVlck5Pnoq469/1Utjfd3fw5Wpw/JqxsqaFPcDCi:OCcPnX469/WRF4V/BqaFPcDf

Score

N/A

Malware Config

Signatures

Files

8f1b1814a1ba0dbae1d6230f2e2547f53a936d6855615a246f8ca259d57818b4
.exe windows x86

fde8d39890ee6306f5c1448e5df916c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
WriteConsoleW
SetEvent
DisconnectNamedPipe
CloseHandle
GetCurrentDirectoryA
lstrlenW
GetCommandLineA
GetPriorityClass
GetFileAttributesW
SuspendThread
CopyFileW
lstrcpyA
GetModuleHandleA
GetStdHandle
HeapCreate
CreatePipe
GetProcessHeap
HeapDestroy
WriteConsoleW
WriteConsoleW

msftedit

RichComboBoxWndProc
RichListBoxWndProc
SetCustomTextOutHandlerEx
RichEditWndProc

shell32

SHGetMalloc
DuplicateIcon
DllUnregisterServer
SHGetDiskFreeSpaceA
DragQueryFileA
SHGetSettings
DragFinish
ExtractIconA
SHFree
StrChrA
DragAcceptFiles
ShellMessageBoxA
ShellAboutA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fde8d39890ee6306f5c1448e5df916c8

Headers

File Characteristics

Imports

kernel32

msftedit

shell32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 776B

.rsrc Size: 285KB - Virtual size: 284KB

.rdata Size: 512B - Virtual size: 132B

.impdata Size: 512B - Virtual size: 108B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 776B

.rsrc
Size: 285KB - Virtual size: 284KB

.rdata
Size: 512B - Virtual size: 132B

.impdata
Size: 512B - Virtual size: 108B