6503b5a53f25f52e6e288e3f6e848e51736cf8b5c515a50a88dc11d3b2545fc4

Sharing

Copy URL Twitter E-mail

General

Target

6503b5a53f25f52e6e288e3f6e848e51736cf8b5c515a50a88dc11d3b2545fc4
Size

48KB
MD5

6fc1623d9194ad0503b98d1118b33d14
SHA1

da4f69341063b84652c42b17f1501cf9091ed75d
SHA256

6503b5a53f25f52e6e288e3f6e848e51736cf8b5c515a50a88dc11d3b2545fc4
SHA512

dd61bde1a0cdd38ac3d239790e070d710ef0f14ce863447524ab31c7f0124e69aac40af9601be92d1119d7c0cf900bb839d58692d4d4ae52d6d242d8c16f4b17
SSDEEP

768:m4Eu28OftUEucvKS4qNvgHN8FjV452hvGc23Jn:y9UAvKSuSV7923Jn

Score

N/A

Malware Config

Signatures

Files

6503b5a53f25f52e6e288e3f6e848e51736cf8b5c515a50a88dc11d3b2545fc4
.exe windows x86

daa93c3fec3151787be2be635f42331e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadResource
FindResourceA
FreeLibrary
EnumResourceNamesA
LoadLibraryExA
SetErrorMode
LockResource
ExpandEnvironmentStringsA
CloseHandle
WriteFile
CreateFileA
GlobalUnlock
GetSystemTimeAsFileTime
GetTempFileNameA
GlobalSize
LocalAlloc
FreeResource
Sleep
MultiByteToWideChar
GetModuleFileNameA
GetPrivateProfileIntA
RemoveDirectoryA
SetFileAttributesA
GetDriveTypeA
MulDiv
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetProcAddress
LoadLibraryA
GetThreadLocale
LocalFree
WritePrivateProfileStringA
_lopen
_lread
_llseek
WideCharToMultiByte
_lclose
MoveFileA
GetLastError
DeleteFileA
FindFirstFileA
FindClose
OpenFile
GetWindowsDirectoryA
WinExec
GetPrivateProfileStringA
ord18
GlobalAlloc
GlobalLock
lstrcmpA
GetPrivateProfileSectionA
lstrcpyA
lstrcatA
GlobalFree
lstrcpynA
lstrcmpiA
lstrlenA
GlobalReAlloc
lstrlenW
lstrcpyW

gdi32

GetDeviceCaps
GetTextExtentPointA
GetTextExtentExPointA

user32

CharNextA
GetWindow
wsprintfA
LoadStringA
SetPropA
DdeQueryNextServer
GetPropA
FindWindowA
GetClassNameA
DdeConnectList
GetWindowThreadProcessId
DdeCreateStringHandleA
GetDesktopWindow
DdeFreeStringHandle
DdeUninitialize
DdeInitializeA
SetForegroundWindow
SetDlgItemTextA
DdeDisconnectList
EnableMenuItem
ReleaseDC
CreateDialogParamA
DestroyWindow
GetClientRect
GetDC
SystemParametersInfoA
LoadCursorA
SetCursor
GetLastActivePopup
wvsprintfA
GetSystemMetrics
PeekMessageA
MessageBoxA
GetDlgItem
DdeClientTransaction
DispatchMessageA
SendDlgItemMessageA
LookupIconIdFromDirectory
CopyRect
GetSystemMenu

advapi32

RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyExA
RegOpenKeyA
RegDeleteValueA
RegSetValueA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyA
RegEnumValueA
RegEnumKeyA
RegCloseKey

comctl32

ord17
ord357
ord320
ord321
ord326
ord323
ord73
ord234
ord350
ord233
ord324

shell32

ord89
ord63
ord34
ord64
ord171
ord57
ord128
SHGetSpecialFolderLocation
ord163
ord157
ord25
ord23
ord96
SHGetPathFromIDListA
ord155
ord196
ord195
ShellExecuteExA
ord37
FindExecutableA
ord33
ord32
ord31
ord29
ord175
ord36
SHChangeNotify
ord45
ord165
ord49
ord58
ord52
ord119
ord51
SHAddToRecentDocs
ord56
ord164
ord35
ord94
ord79

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

daa93c3fec3151787be2be635f42331e

Headers

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

comctl32

shell32

version

Sections

.text Size: 32KB - Virtual size: 30KB

.data Size: 4KB - Virtual size: 324B

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 30KB

.data
Size: 4KB - Virtual size: 324B

.rsrc
Size: 8KB - Virtual size: 4KB