17a145b606419f411640723fcfe06fa46efc79620baf4206ae453459f379113a

General

Target

17a145b606419f411640723fcfe06fa46efc79620baf4206ae453459f379113a
Size

775KB
MD5

132de83f4ba90155b6c7bbc5888f2031
SHA1

4ab847082ef8d39ad2ce809d35098fca9ed3c638
SHA256

17a145b606419f411640723fcfe06fa46efc79620baf4206ae453459f379113a
SHA512

4b58432a3b897ff54b8641fcc1544b28479f740b19b87b62eb39fc8ca86dba9761e222cd20d914d4b81b1f3861735705ce4a74ac33d315f94d388cfd82f82140
SSDEEP

24576:vWoNFpyY9ZXoNY7NX+Ke7UXP4MX1Smhu/9OsIgX:vWoNFpyIXKY7N0kA+VA/

Score

N/A

Malware Config

Signatures

Files

17a145b606419f411640723fcfe06fa46efc79620baf4206ae453459f379113a
.exe windows x86

1ef1b9be4b6aa70b84df986daf3525b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
GetLastError
CloseHandle
WriteConsoleW
GetStdHandle
ClearCommBreak
WriteConsoleW
HeapCreate
IsDebuggerPresent
GetCurrentDirectoryA
GetFileAttributesA
SetEvent
DisconnectNamedPipe
CreatePipe
CopyFileW
GetPriorityClass
WriteConsoleW
lstrcpyW
GetModuleHandleA
SuspendThread
GetStartupInfoA

msftedit

SetCustomTextOutHandlerEx
RichListBoxWndProc
RichEditWndProc
RichComboBoxWndProc

shell32

ShellAboutA
DuplicateIcon
ExtractIconA
DragAcceptFiles
SHGetDiskFreeSpaceA
SHGetMalloc
DragQueryFileA
DragFinish
SHFree
ShellMessageBoxA
SHGetSettings
DllUnregisterServer
StrChrA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 766KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ef1b9be4b6aa70b84df986daf3525b0

Headers

File Characteristics

Imports

kernel32

msftedit

shell32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 752B

.rsrc Size: 766KB - Virtual size: 2.1MB

.rdata Size: 512B - Virtual size: 132B

.impdata Size: 512B - Virtual size: 80B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 752B

.rsrc
Size: 766KB - Virtual size: 2.1MB

.rdata
Size: 512B - Virtual size: 132B

.impdata
Size: 512B - Virtual size: 80B