433447a0d36919ffbe6267ea11522b1aa8e68739530999552fd41dcae8d86c17

Sharing

Copy URL Twitter E-mail

General

Target

433447a0d36919ffbe6267ea11522b1aa8e68739530999552fd41dcae8d86c17
Size

82KB
MD5

81b0e6e24960104a5c8c47c7af089b50
SHA1

af9e4ce2ef4eab6549aedd60860f243eacc3ce7b
SHA256

433447a0d36919ffbe6267ea11522b1aa8e68739530999552fd41dcae8d86c17
SHA512

cf3818c160b5b802d10fac51c9f9f7b12eb53b424d9e1dcce1bc61ae1ad98302c64c6610bed7638280125d24e37fd6f136ec440bc30f3e55f2d6f2d5e0fb14b1
SSDEEP

1536:F05EWGOc2tgewyntlt+kRiUEmb1tBZV/jlBjfFjlm/81q4CdTkIA:AEWdc2gyDTbdZZXLmkWk

Score

N/A

Malware Config

Signatures

Files

433447a0d36919ffbe6267ea11522b1aa8e68739530999552fd41dcae8d86c17
.exe windows x86

30af8d3e61fcf6774344fd2fc19e1830

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_errno
_initterm
_vsnprintf
calloc
fread
_XcptFilter
_exit
_snprintf
strncpy
__getmainargs
__setusermatherr
__set_app_type
_setmode
_onexit
__p___initenv
_except_handler3
strchr
free
__p__fmode
strrchr
_controlfp
_adjust_fdiv
sprintf
_cexit
__p__commode
fopen

kernel32

GetCommandLineA
GetStringTypeA
GetProcessHeap
GetOEMCP
GetConsoleMode
CompareStringW
VirtualProtectEx
GetLastError
GetThreadLocale
RaiseException
GetCommandLineW
RtlUnwind
GetModuleHandleW
GetProcAddress
WaitForMultipleObjects

advapi32

IsValidSid
CryptHashData
RegOpenKeyExA
OpenSCManagerA
InitializeAcl
RegOpenKeyExW
OpenSCManagerW
RegQueryInfoKeyA
RegSetValueExW

user32

DestroyWindow
MessageBeep
GetMessageA
GetClassNameA
CharLowerA
LoadCursorA

comctl32

ImageList_AddMasked
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetBkColor
ImageList_BeginDrag
InitCommonControls
ImageList_EndDrag
ImageList_SetDragCursorImage
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_SetBkColor
InitCommonControlsEx
ImageList_LoadImageA
ImageList_ReplaceIcon
CreateStatusWindowA
ImageList_Read

ole32

OleSetMenuDescriptor
StgOpenStorage
IsAccelerator
CoGetMalloc
CoFreeUnusedLibraries
CLSIDFromString
StringFromIID
CreateILockBytesOnHGlobal
CLSIDFromProgID
OleUninitialize
OleRun
CoInitializeSecurity
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoTaskMemAlloc
CoRevokeClassObject

gdi32

Arc
Polygon
OffsetRgn
GetDIBits
SetViewportOrgEx
EnumFontFamiliesExW
GetObjectW
GetTextCharsetInfo
GetPaletteEntries
CreateFontIndirectW
OffsetWindowOrgEx

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30af8d3e61fcf6774344fd2fc19e1830

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

comctl32

ole32

gdi32

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 63KB

.rsrc Size: 4KB - Virtual size: 84KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 63KB

.rsrc
Size: 4KB - Virtual size: 84KB