db82cfed0003b4fb2e5697c3c0563234af92c4e420335720923eebe3f41ec557

Sharing

Copy URL Twitter E-mail

General

Target

db82cfed0003b4fb2e5697c3c0563234af92c4e420335720923eebe3f41ec557
Size

533KB
MD5

82c43f93cd54fc6dc4f280061cf35ace
SHA1

44e32eb5c4e18b5c0936b0f14d604e1ae0d93a50
SHA256

db82cfed0003b4fb2e5697c3c0563234af92c4e420335720923eebe3f41ec557
SHA512

c86879b7cd29b4ef4ff556b005ae4a9291d87fe6ba3aed96ca91869caa46fe15417a2f3b28c4add52a22a49fdb0c45911f6ae35db9a26584997430d953aff7df
SSDEEP

6144:O8F4tWeXhqclvjRIh38yA2XoBnCTNOkj8iunzjZDdnACDp6vuw6snh7Mqp:1eXUqLR+jqnBnf9SCDp6GFsnh4K

Score

N/A

Malware Config

Signatures

Files

db82cfed0003b4fb2e5697c3c0563234af92c4e420335720923eebe3f41ec557
.exe windows x86

6133167a1fc75193e0a71f091fd49d39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetVersionExA
GetStartupInfoA
GetCurrentThreadId
GetSystemTimeAsFileTime
DeviceIoControl
GetModuleFileNameA
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFilePointerEx
GetFileSizeEx
TlsGetValue
GetTempPathA
HeapDestroy
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcess
FlushInstructionCache
OpenThread
TlsSetValue
GetCurrentProcessId
GetEnvironmentVariableA
GetProcessHeap
EnterCriticalSection
GetModuleHandleA
HeapAlloc
TlsAlloc
SetEnvironmentVariableA
TlsFree
HeapFree
ReleaseMutex
CreateMutexA
SetFilePointer
ReadFile
GetACP
OutputDebugStringA
FormatMessageW
GetSystemTime
LocalFree
lstrcmpA
lstrlenW
WideCharToMultiByte
FreeLibrary
LoadLibraryW
GetProcAddress
SetLastError
GetLastError
GetFileType
lstrlenA
MultiByteToWideChar
CreateFileA
LeaveCriticalSection

user32

SetWindowLongA
GetWindowLongA
IsDialogMessageA
LoadImageA
SetWindowPos
DefWindowProcA
CreateDialogParamA
ShowWindow
GetWindowRect
SystemParametersInfoA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
PostMessageA
PtInRect
SetCursor
LoadCursorA
ScreenToClient
ChildWindowFromPoint
GetClientRect
DestroyWindow
PostQuitMessage

gdi32

GetStockObject
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetObjectA
SetBkMode

shell32

ShellExecuteExA

ole32

CoInitialize
CoUninitialize

comctl32

InitCommonControlsEx

msvcrt

sscanf
tolower
_snprintf
_except_handler3
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_controlfp
__CxxFrameHandler
realloc
_mbsnbcat
_mbsnbcpy
_mbsrchr
free
swscanf
_mbslwr
memchr
qsort
strncpy
malloc
sprintf
wcschr
_snwprintf
wcsrchr
wcsncpy
wcscmp
strerror
wcscpy
wcstok
wcslen
_errno
_purecall
_mbscmp
_mbsnbcmp
_vsnprintf
_CxxThrowException
memmove
??2@YAPAXI@Z
_mbschr

shlwapi

SHGetValueA
PathFileExistsA

version

VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6133167a1fc75193e0a71f091fd49d39

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

comctl32

msvcrt

shlwapi

version

advapi32

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 308KB - Virtual size: 308KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 308KB - Virtual size: 308KB