749103d3231054d6f23f2cfe9eb82dbfea51b1401e75023904ccc43893b3e89e

Sharing

Copy URL Twitter E-mail

General

Target

749103d3231054d6f23f2cfe9eb82dbfea51b1401e75023904ccc43893b3e89e
Size

132KB
MD5

a09c24296e912bad0442e8986ef52fa0
SHA1

b94f6db8171ce87472487ce28ef3424c9123aba7
SHA256

749103d3231054d6f23f2cfe9eb82dbfea51b1401e75023904ccc43893b3e89e
SHA512

4322c113c34b6fe4fcc0750ff718d279f17b0fd28f2815395d20fc3be4f9758c37880bce0c7cab1e17e4c873c5fde961c8bd3045ca25e8a754342f13fef08fb3
SSDEEP

3072:xXd/TziKyzZrT+gl8rv9OuoZZzq1SDADeak7dJHB/AdGB:xXdzyVf+g6rg5zASsQLH5AdO

Score

N/A

Malware Config

Signatures

Files

749103d3231054d6f23f2cfe9eb82dbfea51b1401e75023904ccc43893b3e89e
.exe windows x86

7292e2f6de943a7978873025105d1259

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetExitCodeProcess
WaitForSingleObject
CreateFileMappingA
CreateMutexA
FormatMessageA
CreateProcessA
UnmapViewOfFile
GetVolumeInformationA
MapViewOfFileEx
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
CreateEventA
WaitForMultipleObjects
FindFirstFileA
RtlUnwind
HeapAlloc
CompareStringA
CompareStringW
GetStringTypeW
GetStringTypeA
SetStdHandle
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
GetFileType
GetStdHandle
FlushFileBuffers
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetOEMCP
VirtualAlloc
VirtualFree
IsBadWritePtr
ExitProcess
HeapDestroy
LCMapStringW
HeapCreate
FindNextFileA
TerminateProcess
MultiByteToWideChar
FindClose
SetFilePointer
SetEndOfFile
GetFileSize
ReadFile
DeleteFileA
GetLastError
WideCharToMultiByte
WriteFile
SetEnvironmentVariableA
GetDriveTypeA
CloseHandle
CreateFileA
HeapReAlloc
GetVersion
HeapSize
LCMapStringA
GetCurrentDirectoryA
GetFullPathNameA
GetCommandLineA
SetCurrentDirectoryA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
GetModuleHandleA
GetStartupInfoA

user32

UpdateWindow
PostQuitMessage
CreateDialogParamA
SetForegroundWindow
ShowWindow
GetDlgItem
DestroyWindow
SendMessageA
InvalidateRect
GetClientRect
ExitWindowsEx
PostThreadMessageA
SetWindowTextA
PeekMessageA
GetMessageA
LoadStringA
DialogBoxParamA
TranslateMessage
DispatchMessageA
SendDlgItemMessageA
EndDialog
MessageBoxA
BeginPaint
ReleaseDC
EndPaint
GetDC

gdi32

SelectPalette
SelectObject
DeleteObject
CreateDIBitmap
RealizePalette
CreatePalette
DeleteDC
StretchBlt
SetStretchBltMode
GetObjectA
CreateCompatibleDC

advapi32

OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA

shell32

ShellExecuteA

comctl32

ord17

Exports

Exports

?CDAPFN0506_SendProtectMessage@@3UCDAPFN_PROPERTIES@@A
?PatchCallBack@@YGPAXIPAX@Z

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7292e2f6de943a7978873025105d1259

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 48KB - Virtual size: 45KB