815e25579f74e8ffacf3d5183dc6f4f7ab537164f143254f6026050b093072c4

Sharing

Copy URL Twitter E-mail

General

Target

815e25579f74e8ffacf3d5183dc6f4f7ab537164f143254f6026050b093072c4
Size

340KB
MD5

04be06d5d091ec5dc2ebd271d44f8720
SHA1

a165503d005bbd9cc3a20a5fc433a894507c69e6
SHA256

815e25579f74e8ffacf3d5183dc6f4f7ab537164f143254f6026050b093072c4
SHA512

7a9af6e461b2bcbc3fb5d0081ed2de0aefc89a37de144f05f4633d3df1f43241f08527744a80bce372b4fa075564a1cbc454cda89f438b2a72f5892061c75b20
SSDEEP

6144:WNgcpb5FnYyrZuIwfObGx+XPg3Hd5EXhYSnFXT46SWKCWlVpUfP:Egcpb5nZkObGxD3HsYSnFX15odA

Score

N/A

Malware Config

Signatures

Files

815e25579f74e8ffacf3d5183dc6f4f7ab537164f143254f6026050b093072c4
.exe windows x86

3a8a18ff21bfaa860b5182998a9a08a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByteEx
GetFileType
CreateIoCompletionPort
WritePrivateProfileStructA
GetTickCount
GetUserDefaultLangID
GetThreadContext
SetEvent
GetCommandLineA
GetVersionExA
lstrlenA
ExitProcess
VirtualProtect

user32

GetDlgItemInt
SetMenuItemBitmaps
BroadcastSystemMessageW
UnregisterHotKey
DefFrameProcA
CreateDesktopA
OpenInputDesktop
GetUserObjectInformationW
CharLowerBuffA
GrayStringA
GrayStringW
DefDlgProcW
SetForegroundWindow
SendDlgItemMessageW
DefDlgProcA
EnumChildWindows
SetDlgItemTextW
GetCursorPos
InvalidateRgn
EnumDesktopsW
SetDlgItemInt
GetMenuInfo
FindWindowW
SetWindowContextHelpId
IsClipboardFormatAvailable
VkKeyScanA
SendMessageA
DrawIcon
BroadcastSystemMessageA
DestroyCursor
wvsprintfA
GetForegroundWindow

gdi32

GetViewportOrgEx
SelectClipRgn

comdlg32

ChooseFontW

advapi32

GetServiceDisplayNameW
RegSetValueA
RegUnLoadKeyA
StartServiceCtrlDispatcherW
AbortSystemShutdownW
GetServiceDisplayNameA
SetSecurityInfo
RegQueryValueExA
LookupPrivilegeValueW
BuildTrusteeWithSidW
CloseServiceHandle
UnlockServiceDatabase
MakeAbsoluteSD
SetFileSecurityW
RegisterEventSourceW
MapGenericMask
DuplicateTokenEx
GetAce
SetThreadToken
EqualSid
OpenThreadToken
FreeSid

shell32

ExtractIconA
FindExecutableW
SHGetSpecialFolderPathA

ole32

OleInitialize
CoTreatAsClass
ReadClassStg

oleaut32

SetErrorInfo
SafeArrayPutElement
VariantChangeType
SysAllocStringLen
SafeArrayRedim
LoadTypeLibEx

shlwapi

PathIsFileSpecW
PathFindExtensionW

setupapi

SetupDiClassGuidsFromNameW
SetupDiCallClassInstaller
SetupDiRemoveDevice
SetupDiSetSelectedDriverA
SetupGetIntField

Sections

.text
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3a8a18ff21bfaa860b5182998a9a08a8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 288KB - Virtual size: 286KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 44KB - Virtual size: 41KB

.text
Size: 288KB - Virtual size: 286KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 44KB - Virtual size: 41KB