51f5ab05f82c348ecfc8a8014135b1864aabc31f78ab5d561091c1e298179718

Sharing

Copy URL Twitter E-mail

General

Target

51f5ab05f82c348ecfc8a8014135b1864aabc31f78ab5d561091c1e298179718
Size

126KB
MD5

82b751444cdf475c158febf29dec7254
SHA1

daf6557562762e2fa5d10c3eebac175cf3cb9861
SHA256

51f5ab05f82c348ecfc8a8014135b1864aabc31f78ab5d561091c1e298179718
SHA512

effbcc9badc2cea6d2783232256cfe65a3d4790eb4bd05926600d436f42b09e91e8d2e971c9c7a3e4de6ddb8e265e2d2dd4f7f88ddb56c9e629e7c28dcef0807
SSDEEP

3072:Bmf+jrG/ShZcdFLm8UdjtlELlhc1eSQbdHniQUIWGH:A+8fe8MtYhc1hQbdHiQ

Score

N/A

Malware Config

Signatures

Files

51f5ab05f82c348ecfc8a8014135b1864aabc31f78ab5d561091c1e298179718
.exe windows x86

8566a2c7c7cf82112966c4b0fe8f7162

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsBadWritePtr
FileTimeToSystemTime
GetConsoleMode
LocalFileTimeToFileTime
GetStartupInfoW
FileTimeToDosDateTime
GetDateFormatA
LCMapStringW
DisableThreadLibraryCalls
CopyFileA
DuplicateHandle
GetStartupInfoA
GetFileTime
VirtualProtect
GetModuleHandleA

msvcrt

_initterm
_acmdln
__p__commode
_utime
log10
fflush
__p__fmode
_write
_XcptFilter
__getmainargs
_adjust_fdiv
_controlfp
__set_app_type
__setusermatherr
_flsbuf
_except_handler3
exit
strncpy

gdi32

TextOutW
SetRectRgn
CreateICW
SetGraphicsMode
RestoreDC
CreateDCW
ExcludeClipRect
Escape
GetViewportOrgEx
ScaleWindowExtEx
GetTextExtentPoint32W
SetMapperFlags

user32

EndPaint
DestroyIcon
DrawEdge
GetLastActivePopup
DispatchMessageA
SetPropA
WindowFromPoint
GetIconInfo
CreateMenu

version

GetFileVersionInfoW
GetFileVersionInfoA
VerInstallFileW
GetFileVersionInfoSizeA
VerInstallFileA
VerQueryValueA

comctl32

ImageList_Replace
ImageList_Read
ImageList_DragEnter
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_SetDragCursorImage
CreatePropertySheetPageW
ImageList_Create
CreateStatusWindowA
ImageList_DragShowNolock
ImageList_GetIconSize

oleaut32

SetErrorInfo
LoadTypeLib
GetErrorInfo
GetActiveObject
SafeArrayUnaccessData
VariantInit
SafeArrayPutElement
SysAllocStringByteLen
VariantClear
SysStringLen
SafeArrayGetUBound

ole32

IsAccelerator
CoSetProxyBlanket
PropVariantClear
OleFlushClipboard
OleDraw
ProgIDFromCLSID
OleUninitialize

advapi32

RegEnumKeyExA
RegCreateKeyExW
GetTokenInformation
CryptHashData
AllocateAndInitializeSid
RegEnumValueA
CryptGenRandom

shell32

ExtractIconExA
SHGetFileInfoA
ExtractIconW
SHCreateDirectoryExW
SHGetSpecialFolderPathA
SHGetPathFromIDListW
DragFinish

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vjjeswf
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8566a2c7c7cf82112966c4b0fe8f7162

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

version

comctl32

oleaut32

ole32

advapi32

shell32

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 18KB - Virtual size: 42KB

.rsrc Size: 90KB - Virtual size: 118KB

vjjeswf Size: - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 18KB - Virtual size: 42KB

.rsrc
Size: 90KB - Virtual size: 118KB

vjjeswf
Size: - Virtual size: 4KB