501e6b92781154af9fc432ad98f2098457724a88aa31a06f098bc08f505ed27e

Sharing

Copy URL Twitter E-mail

General

Target

501e6b92781154af9fc432ad98f2098457724a88aa31a06f098bc08f505ed27e
Size

99KB
MD5

119537c813b0173a5c61c42adeed1261
SHA1

2e50fc25241cf97544c3bce588a95151add153ba
SHA256

501e6b92781154af9fc432ad98f2098457724a88aa31a06f098bc08f505ed27e
SHA512

276c0c673bcf21d4e874551573bcbc4ed86364e9c9db850b1d862745823a8e16118b793a5064dab6773799b4bd0ab82b604e3806a3798110db4b6e38105f9a3f
SSDEEP

1536:Vhx99xlXujEeOwiZF9+l8klp1cSSNKBdcT32iIa6DD772T:R99tbjQXb1crNKBehMD772T

Score

N/A

Malware Config

Signatures

Files

501e6b92781154af9fc432ad98f2098457724a88aa31a06f098bc08f505ed27e
.exe windows x86

9fdc87655d91e566cdce4bd5d8a37b4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

calloc
_strnicmp
_exit
_acmdln
fwrite
__setusermatherr
_except_handler3
strchr
__p__commode
__set_app_type
strrchr
_write
_snprintf
exit
_initterm
strcmp
free
_errno
_XcptFilter
_stricmp
fputs
sinh
__getmainargs
_setmode
__p__fmode
printf
_adjust_fdiv

kernel32

GetCurrentThread
DeleteFileW
GetProfileStringA
GetStartupInfoA
GetProfileIntA
GetStringTypeW
SetHandleCount
GetCommandLineW
OpenProcess
WaitForMultipleObjects
VirtualQuery
SetCurrentDirectoryA
GetSystemInfo
CreateEventA
GetEnvironmentStringsW
IsDebuggerPresent
GetStdHandle
SetEnvironmentVariableA
SetEvent
SetErrorMode

advapi32

SetSecurityDescriptorOwner
ControlService
CryptAcquireContextA
FreeSid
RegSetValueExA
RegCreateKeyExA
OpenServiceA
InitializeSecurityDescriptor
RegEnumKeyExA
CryptReleaseContext

shell32

SHGetMalloc
ShellExecuteEx
SHGetFolderLocation
SHGetSpecialFolderPathW
CommandLineToArgvW
ShellExecuteExA
SHGetFileInfo
SHAddToRecentDocs
SHGetPathFromIDListW
DragFinish
SHGetFolderPathW
SHGetPathFromIDList
DragQueryFile

gdi32

GetRegionData
GetBitmapBits
GetDIBits
CreateFontW
GetEnhMetaFileBits
GetBrushOrgEx
PlayMetaFileRecord

oleaut32

SysAllocStringLen
VariantCopyInd
GetErrorInfo
LoadTypeLib
VariantInit
SafeArrayRedim
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayUnaccessData

ole32

StringFromGUID2
IsAccelerator
ReleaseStgMedium
OleIsCurrentClipboard
CoFreeUnusedLibraries
CoReleaseMarshalData
OleRun
CoInitializeEx

user32

RegisterWindowMessageA
GetWindowPlacement
OffsetRect
GetClassInfoA
FindWindowA
DestroyWindow
SetCursor
PostQuitMessage
DestroyMenu
GetScrollInfo
WindowFromPoint
GetWindow
SetClassLongA

comctl32

CreatePropertySheetPageW
ImageList_Read
ImageList_BeginDrag
ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_Replace
ImageList_GetIconSize
ImageList_Add

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fdc87655d91e566cdce4bd5d8a37b4d

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

shell32

gdi32

oleaut32

ole32

user32

comctl32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 36KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 36KB

.rsrc
Size: 25KB - Virtual size: 25KB