199cf1fd8df159c2640036b6d39becc7edb075b0dc9bc6f67c74b0f692d67aae

Sharing

Copy URL Twitter E-mail

General

Target

199cf1fd8df159c2640036b6d39becc7edb075b0dc9bc6f67c74b0f692d67aae
Size

127KB
MD5

0a97d32fbabf522b3ee896e50bf2e297
SHA1

f356001b066831b9be39437c19005cdd79d7796f
SHA256

199cf1fd8df159c2640036b6d39becc7edb075b0dc9bc6f67c74b0f692d67aae
SHA512

6fc96b8157dde2958f023b856af9124273c8a6db02eb10a363ef57fb9e6b01f630cf0ab27b160813d767e509e2c5debad438e24037e16344006191ff0368e0dd
SSDEEP

3072:UWBw40FZeQ47X7wue+jieqD58hkAWVgYdybHrvHup1O:USd7wue+jiLl8ZXYdwLvHV

Score

N/A

Malware Config

Signatures

Files

199cf1fd8df159c2640036b6d39becc7edb075b0dc9bc6f67c74b0f692d67aae
.exe windows x86

bf903829459d65d9822cbf7fd4ce6f10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

exit
__p__fmode
log10
__setusermatherr
_stricmp
__getmainargs
_lock
memcpy
remove
calloc
_XcptFilter
_adjust_fdiv
__p__commode
_initterm
_acmdln
_controlfp
_strcmpi
_wcsnicmp
_amsg_exit
_except_handler3
__set_app_type

kernel32

GetModuleHandleA
GetEnvironmentStrings
VirtualProtect
FormatMessageA
SetFilePointer
GetSystemDefaultLCID
LCMapStringW
SystemTimeToFileTime
GetStartupInfoA
GetCommandLineA

advapi32

OpenServiceA
RegEnumKeyExA
OpenThreadToken
InitializeAcl

oleaut32

SafeArrayPtrOfIndex
GetActiveObject
SysAllocStringLen
SysAllocStringByteLen
SysReAllocStringLen
VariantCopy
SafeArrayGetUBound
GetErrorInfo
SafeArrayRedim

comctl32

ImageList_GetIcon
ImageList_DrawEx
ImageList_Replace
ImageList_DragEnter
ImageList_Destroy
ImageList_DragShowNolock
CreateToolbarEx
PropertySheetW
ImageList_DragLeave

gdi32

ScaleWindowExtEx
PolyDraw
GetObjectW
CopyEnhMetaFileA
ArcTo
CombineRgn
GetBkColor
Polyline
GetMapMode
ExtFloodFill
SaveDC
LPtoDP
SelectClipRgn
GetBrushOrgEx
GetTextExtentPoint32W
SetMetaFileBitsEx

shell32

SHFileOperationA
CommandLineToArgvW
SHGetSpecialFolderPathA
SHGetFolderPathA
SHGetMalloc
ExtractIconExA
ExtractAssociatedIconW
SHCreateDirectoryExW
ExtractIconW
ExtractIconA
SHGetDesktopFolder

ole32

IsEqualGUID
StgCreateDocfileOnILockBytes
CoDisconnectObject
CLSIDFromProgID
CoCreateGuid
OleSetClipboard
OleGetClipboard
CoRegisterMessageFilter
CoSetProxyBlanket
CreateILockBytesOnHGlobal
IIDFromString

user32

GetClassNameA
AdjustWindowRectEx
GetLastActivePopup
GetMenuItemID
SetActiveWindow
RegisterClipboardFormatA

version

VerInstallFileW
GetFileVersionInfoA
VerQueryValueA
VerQueryValueW
GetFileVersionInfoSizeA
VerInstallFileA
VerLanguageNameA

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bf903829459d65d9822cbf7fd4ce6f10

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

oleaut32

comctl32

gdi32

shell32

ole32

user32

version

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 18KB - Virtual size: 43KB

.rsrc Size: 91KB - Virtual size: 172KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 18KB - Virtual size: 43KB

.rsrc
Size: 91KB - Virtual size: 172KB