538905222e4746f92c5a93dad80dc0a602b2ed05d73150a2b0afdfdec7d16b75

Sharing

Copy URL Twitter E-mail

General

Target

538905222e4746f92c5a93dad80dc0a602b2ed05d73150a2b0afdfdec7d16b75
Size

59KB
MD5

0e22b6fe75cd1412b6f3e1c36d9ce0f7
SHA1

7fa0f004ff9148040438e32e187f98d2306ecac8
SHA256

538905222e4746f92c5a93dad80dc0a602b2ed05d73150a2b0afdfdec7d16b75
SHA512

2f2ce07b94a1f1a5c3f87b9ddde3f7173fe93edc1c87a92b729ede0d0f17d86a5d8e59da5ee69ebe27b66b2bf187196f1e0f31633bab3c48ce3c77bdb6610ccf
SSDEEP

1536:EcpsdLQMfeJVuyqcNjtrpJxUrqXLYiJe3Ph:Ec2NQMWJVuyqcFppHXe/h

Score

N/A

Malware Config

Signatures

Files

538905222e4746f92c5a93dad80dc0a602b2ed05d73150a2b0afdfdec7d16b75
.exe windows x86

b0c8ddc7dbadbd7fdcdc5fcb6d9365ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

saproject

ord7

kernel32

Sleep
lstrcmpiW
GetCurrentThreadId
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoW
GetModuleFileNameW
InterlockedIncrement
OutputDebugStringW
CreateEventW
GetModuleHandleA
ExitProcess
CreateThread
GetVersionExA
GetVersionExW
CloseHandle
WaitForSingleObject
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
lstrlenW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
SetEvent

user32

UnregisterClassA
CharNextW
DispatchMessageW
GetMessageW
PostThreadMessageW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

ole32

CreateItemMoniker
CoRegisterClassObject
StringFromGUID2
GetRunningObjectTable
CoDisconnectObject
CoInitializeSecurity
CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitialize
CoRevokeClassObject

oleaut32

VarBstrCat
LoadTypeLi
LoadRegTypeLi
VariantInit
VariantClear
SysAllocStringLen
SysStringLen
SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysFreeString
VariantCopy

atl71

ord58
ord61
ord23
ord49
ord32
ord31
ord20
ord17
ord64
ord22
ord66
ord65
ord30
ord18

msvcr71

_exit
_c_exit
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__security_error_handler
realloc
memmove
__wgetmainargs
_XcptFilter
_cexit
exit
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_amsg_exit
_wcmdln
memcmp
_CxxThrowException
memset
_except_handler3
__CxxFrameHandler
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
??_V@YAXPAX@Z
memcpy
_wcsicmp
??_U@YAPAXI@Z
free

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pxdpfkv
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b0c8ddc7dbadbd7fdcdc5fcb6d9365ef

Headers

File Characteristics

Imports

saproject

kernel32

user32

advapi32

ole32

oleaut32

atl71

msvcr71

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 520B

.rsrc Size: 32KB - Virtual size: 33KB

pxdpfkv Size: - Virtual size: 4KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 520B

.rsrc
Size: 32KB - Virtual size: 33KB

pxdpfkv
Size: - Virtual size: 4KB