6853e9543f8557e06d1105e1dc2e313f9aa00ab78782ba81aada050a7cf42b5d

General

Target

6853e9543f8557e06d1105e1dc2e313f9aa00ab78782ba81aada050a7cf42b5d
Size

157KB
MD5

06781248cf4f0335e8c8a5d1fc05e238
SHA1

7f2134ec010f84d905da03ab69ce14af3e3edae5
SHA256

6853e9543f8557e06d1105e1dc2e313f9aa00ab78782ba81aada050a7cf42b5d
SHA512

ba54a2b3eea54979880ed99fa7b51adc0a188dcb888a7306ae430b900c9c69d2cd1809dd2c503f613b7fd078924dbefcaa0f320352c558895d8fc12613849310
SSDEEP

3072:hHvUBd7vQzY8Km1vdefjm92t1AW58Jre1pgSLpwhbOF7v8qeWa:hPUB1QznvimU75COKSLpwhbev83

Score

N/A

Malware Config

Signatures

Files

6853e9543f8557e06d1105e1dc2e313f9aa00ab78782ba81aada050a7cf42b5d
.exe windows x86

58a96629cd8c83d1da17bd2d71441107

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHQueryInfoKeyA
SHDeleteValueA
SHEnumValueA
PathIsDirectoryA
SHSetValueA
SHGetValueA

user32

GetActiveWindow
FillRect
FrameRect
DrawMenuBar
IsWindow
GetMenu
EnableWindow
FindWindowA
EqualRect

shell32

SHFileOperationA
SHGetDesktopFolder
DragQueryFileA
SHGetSpecialFolderLocation
Shell_NotifyIconA

kernel32

GetCurrentThreadId
CompareStringA
CreateEventA
GetModuleFileNameA
GlobalDeleteAtom
VirtualAllocEx
ResetEvent
VirtualAlloc
FreeLibrary
lstrcatA
FormatMessageA
ExitProcess
LoadLibraryA
WideCharToMultiByte
GetUserDefaultLCID
SetThreadLocale
lstrlenA
GetCommandLineA
DeleteCriticalSection
FindClose
GlobalAddAtomA
FindResourceA
HeapAlloc

Exports

Exports

_soYKv2o
suue5x8GCr4JP
_ucr72tI

Sections

CODE
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: 1024B - Virtual size: 606B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58a96629cd8c83d1da17bd2d71441107

Headers

File Characteristics

Imports

shlwapi

user32

shell32

kernel32

Exports

Exports

Sections

CODE Size: 28KB - Virtual size: 28KB

.rdata Size: 9KB - Virtual size: 104KB

.data Size: 107KB - Virtual size: 107KB

.idata Size: 1KB - Virtual size: 1KB

.tdata Size: 1024B - Virtual size: 606B

.rsrc Size: 8KB - Virtual size: 8KB

CODE
Size: 28KB - Virtual size: 28KB

.rdata
Size: 9KB - Virtual size: 104KB

.data
Size: 107KB - Virtual size: 107KB

.idata
Size: 1KB - Virtual size: 1KB

.tdata
Size: 1024B - Virtual size: 606B

.rsrc
Size: 8KB - Virtual size: 8KB