25c8d185d071a6d9ca7c2b556b9e81fe0d6cbf78ebd619471aaf8ba18b732ddb

Sharing

Copy URL Twitter E-mail

General

Target

25c8d185d071a6d9ca7c2b556b9e81fe0d6cbf78ebd619471aaf8ba18b732ddb
Size

504KB
MD5

0410eca9d16b07dd47a8328df092e8b1
SHA1

94d16eab36339cc923e1d4f10e7cc89a0e76ee03
SHA256

25c8d185d071a6d9ca7c2b556b9e81fe0d6cbf78ebd619471aaf8ba18b732ddb
SHA512

d7da9816f7f5130ca2dd8e60df2a1e18615564b79494b3a8de744dcf50df183cc5b27760b34d37c85019364ca20c56bcb16239c5113a73b09fb7d62c00da6375
SSDEEP

12288:ZyzO/dL8RbrJovkHNnePoajCTKRNcN3m0keNCHkXbml:IS/+Rbt6kHNnePoavR6NdkQCHum

Score

N/A

Malware Config

Signatures

Files

25c8d185d071a6d9ca7c2b556b9e81fe0d6cbf78ebd619471aaf8ba18b732ddb
.exe windows x86

78b11862ad04438ace995069bf8493b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumFontFamiliesExW
GetObjectA

kernel32

GetTickCount
GetCPInfo
HeapCreate
GetStartupInfoW
InitializeCriticalSection
HeapReAlloc
CreateMutexA
FlushFileBuffers
LCMapStringA
FreeEnvironmentStringsA
GetStdHandle
GetProcessAffinityMask
IsValidLocale
GetProcAddress
OpenMutexA
EnumDateFormatsExA
CompareStringW
GetLocaleInfoA
GetCurrentThread
GetStartupInfoA
InterlockedExchange
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTimeZoneInformation
RtlUnwind
VirtualProtect
IsValidCodePage
IsBadWritePtr
GetMailslotInfo
WriteFile
SetFilePointer
GetDateFormatA
GetCommandLineA
VirtualQuery
FreeEnvironmentStringsW
GetLastError
GetSystemTimeAdjustment
TlsGetValue
lstrcpynW
GetUserDefaultLCID
CloseHandle
GetSystemInfo
WriteConsoleOutputCharacterW
WaitNamedPipeW
UnhandledExceptionFilter
SetEnvironmentVariableA
SetUnhandledExceptionFilter
GetFileType
GetModuleFileNameA
SetThreadLocale
LoadLibraryA
SetHandleCount
CompareStringA
RtlFillMemory
TlsAlloc
HeapAlloc
HeapFree
DeleteCriticalSection
SetStdHandle
ExitProcess
SetLastError
MultiByteToWideChar
DuplicateHandle
OutputDebugStringW
IsBadReadPtr
LCMapStringW
VirtualFree
TlsSetValue
GetACP
VirtualAlloc
EnterCriticalSection
GetOEMCP
GetModuleHandleA
HeapDestroy
GetStringTypeW
WideCharToMultiByte
LeaveCriticalSection
GetEnvironmentStringsW
GetCurrentProcess
GetCurrentThreadId
QueryPerformanceCounter
GetCommandLineW
ReadFile
GetEnvironmentStrings
GetModuleFileNameW
EnumTimeFormatsA
HeapSize
GetVersionExA
GetTimeFormatA
GetPrivateProfileSectionNamesA
GetComputerNameW
GetStringTypeA
GetLocaleInfoW
EnumSystemLocalesA
TlsFree

comctl32

CreateMappedBitmap
DrawStatusTextA
InitMUILanguage
ImageList_SetFlags
CreatePropertySheetPageA
ImageList_Add
ImageList_ReplaceIcon
InitCommonControlsEx

shell32

RealShellExecuteW
SHGetPathFromIDListW
RealShellExecuteExW
SHGetFileInfo

user32

RegisterClassExA
EndPaint
ModifyMenuW
LoadAcceleratorsA
DrawEdge
GetTabbedTextExtentW
GetGuiResources
IsCharAlphaW
UnhookWindowsHook
DialogBoxIndirectParamA
CreateWindowStationW
GetAncestor
RegisterClassA
SetScrollPos
ShowWindow
ReleaseDC

Sections

.text
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78b11862ad04438ace995069bf8493b6

Headers

File Characteristics

Imports

gdi32

kernel32

comctl32

shell32

user32

Sections

.text Size: 349KB - Virtual size: 348KB

.rdata Size: 38KB - Virtual size: 59KB

.data Size: 102KB - Virtual size: 101KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 349KB - Virtual size: 348KB

.rdata
Size: 38KB - Virtual size: 59KB

.data
Size: 102KB - Virtual size: 101KB

.rsrc
Size: 14KB - Virtual size: 13KB