d0daa220c3e80e41383a7cf94720d5b99704573a272a875f553875685c6dc3c3

Sharing

Copy URL Twitter E-mail

General

Target

d0daa220c3e80e41383a7cf94720d5b99704573a272a875f553875685c6dc3c3
Size

342KB
MD5

31a85287e86cd19b858de2e7d184f212
SHA1

469dd1c4260e07906a6d3f9895a286cda60d1ba4
SHA256

d0daa220c3e80e41383a7cf94720d5b99704573a272a875f553875685c6dc3c3
SHA512

2014a145b15190ef15b9c0511698930924103d36ad8e6579f6595ef4792c0c492d0184f1f43c6eb8c808f2b89840ec695e6f258d9b932e146a6f274ad88ba8fc
SSDEEP

6144:rfwWBFUDdMiiNaDNg+OR67SW6SmyJM4Wfr0U/hQ50DeCQNLxvO:r4WBFAd2km+i616gJM4WvJQ5rjr

Score

N/A

Malware Config

Signatures

Files

d0daa220c3e80e41383a7cf94720d5b99704573a272a875f553875685c6dc3c3
.exe windows x86

9dc61af5aaaeb77df79218fd46e8e5a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHEnumValueA

oleaut32

SafeArrayPtrOfIndex
SysFreeString
SafeArrayGetElement
GetErrorInfo
SafeArrayGetUBound
SafeArrayUnaccessData
VariantCopyInd

shell32

SHGetFolderPathA
SHGetDiskFreeSpaceA

version

GetFileVersionInfoA
VerQueryValueA

user32

RemovePropA
SendMessageW
OemToCharA
MessageBeep
MapWindowPoints
LoadCursorA
LoadKeyboardLayoutA
OffsetRect
PtInRect
RegisterClassA
PostMessageA
ScreenToClient
ReleaseDC
LoadBitmapA
MapVirtualKeyA
LoadStringA
RedrawWindow
RegisterClipboardFormatA
RegisterWindowMessageA
PostQuitMessage
ReleaseCapture
PeekMessageA
ScrollWindow
LoadIconA
PeekMessageW
RemoveMenu
SendMessageA
MessageBoxA
SetActiveWindow
OpenClipboard

ole32

WriteClassStm
CoGetContextToken
GetHGlobalFromStream
CoCreateInstanceEx
CoReleaseMarshalData
StgCreateDocfileOnILockBytes
CreateOleAdviseHolder
CoRegisterClassObject
CreateStreamOnHGlobal

gdi32

CreatePenIndirect
GetBitmapBits
CreateDIBitmap
CreateFontIndirectA
CreatePalette

comctl32

ImageList_Read
ImageList_DragShowNolock
ImageList_Add
ImageList_Remove

msvcrt

wcstol
wcscspn

kernel32

VirtualQuery
ExitProcess
HeapDestroy
lstrlenW
WaitForSingleObject
GetCommandLineA
WideCharToMultiByte
SizeofResource
GetProcAddress
GetCommandLineW
lstrlenA
MoveFileExA
lstrcmpiA
VirtualFree
WriteFile
LocalAlloc
ExitThread
GetVersionExA
lstrcatA
lstrcpynA
GetModuleHandleA
lstrcmpA
IsBadReadPtr
MoveFileA
MulDiv
VirtualAllocEx
LoadLibraryA
LocalReAlloc
lstrcpyA
VirtualAlloc
LocalFree

advapi32

RegEnumKeyA
RegQueryValueA

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc1
Size: 512B - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc6
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc2
Size: 1024B - Virtual size: 943B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc9
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc7
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9dc61af5aaaeb77df79218fd46e8e5a9

Headers

File Characteristics

Imports

shlwapi

oleaut32

shell32

version

user32

ole32

gdi32

comctl32

msvcrt

kernel32

advapi32

Sections

.text Size: 61KB - Virtual size: 61KB

.data Size: 1024B - Virtual size: 552B

.rsrc1 Size: 512B - Virtual size: 346B

.rsrc6 Size: 270KB - Virtual size: 269KB

.rsrc2 Size: 1024B - Virtual size: 943B

.rsrc9 Size: 3KB - Virtual size: 3KB

.rsrc7 Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 976B

.text
Size: 61KB - Virtual size: 61KB

.data
Size: 1024B - Virtual size: 552B

.rsrc1
Size: 512B - Virtual size: 346B

.rsrc6
Size: 270KB - Virtual size: 269KB

.rsrc2
Size: 1024B - Virtual size: 943B

.rsrc9
Size: 3KB - Virtual size: 3KB

.rsrc7
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 976B