7c7a7fe78b4c22e42b258ef0bfd8f4c640354bac59272dd030e15243b0d817f7

Sharing

Copy URL Twitter E-mail

General

Target

7c7a7fe78b4c22e42b258ef0bfd8f4c640354bac59272dd030e15243b0d817f7
Size

400KB
MD5

08979edc9fb4000b29b14caf161d5f36
SHA1

a9f4a5028438447e737e00e711b6eb9a5bc9b30c
SHA256

7c7a7fe78b4c22e42b258ef0bfd8f4c640354bac59272dd030e15243b0d817f7
SHA512

3d13b308c9dd9076c58fab02a5789dec41064fbe8e2f6d4981f113f6bf2450399e40cba2d6b5bcd732c76ebe57b8303bf085b137c46b8250afbdf3de50e1d047
SSDEEP

6144:7CetsIWXgVj4zh/zWMtawK/bDZcTgGbIIGA9Yo6Ll/kzU+nfUxO4AASqUdqMZlCa:7CetszphhbNaA2dsWzGNdflW+IEe4Ok

Score

N/A

Malware Config

Signatures

Files

7c7a7fe78b4c22e42b258ef0bfd8f4c640354bac59272dd030e15243b0d817f7
.exe windows x86

4250ce3c41b4e4c890acfbe29fab50c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetVersionExA
EnumCalendarInfoA
GetCPInfo
OpenSemaphoreW
IsBadWritePtr
GlobalUnlock
ExitProcess
GetStartupInfoA
QueryDosDeviceW
CreateNamedPipeW
InitializeCriticalSection
IsBadStringPtrA
GlobalFlags
GetTimeZoneInformation
SetEnvironmentVariableA
ReadFile
WritePrivateProfileSectionW
EnumResourceNamesA
SetFileTime
WriteFile
SetTimeZoneInformation
WritePrivateProfileStringW
ReleaseSemaphore
UnhandledExceptionFilter
PeekConsoleInputW
CreateProcessA
GetLargestConsoleWindowSize
SetCommTimeouts
VirtualAlloc

user32

FrameRect
MessageBoxA
GetPropA

gdi32

CreateMetaFileA
CreateFontIndirectW
PolyPolyline
ExtFloodFill
SetMapMode
CopyMetaFileW
GetCharacterPlacementA
ChoosePixelFormat
GetBrushOrgEx
ExtCreateRegion
GetNearestColor
CreateHatchBrush
GetGlyphOutlineA
CreateCompatibleDC
ExtTextOutA
Escape
PtInRegion
SetBrushOrgEx
GetRgnBox
AbortDoc

comdlg32

FindTextW

advapi32

LookupAccountSidA
StartServiceA
CryptAcquireContextA
OpenSCManagerW
CryptGenRandom
GetUserNameA
CryptSetProvParam
ReadEventLogW
AbortSystemShutdownA
RegSetValueA
StartServiceW
CryptGetUserKey
RegConnectRegistryA
CryptAcquireContextW
RegUnLoadKeyA
AdjustTokenPrivileges
AddAccessDeniedAce
DuplicateTokenEx
GetSecurityDescriptorDacl
FreeSid

shell32

SHGetSpecialFolderPathW
DragAcceptFiles

ole32

OleCreate
OleConvertIStorageToOLESTREAM
OleFlushClipboard
CoUninitialize
OleCreateMenuDescriptor
CoTreatAsClass
CoCreateInstance

oleaut32

SysAllocStringLen
LoadTypeLibEx
SafeArrayPutElement
SetErrorInfo
SafeArrayGetElement
VariantChangeType
QueryPathOfRegTypeLi

comctl32

ImageList_SetIconSize

shlwapi

PathRemoveArgsW
SHCopyKeyA

Sections

uqkygq
Size: 336KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

aaoieg
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

wwmmu
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cykiq
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4250ce3c41b4e4c890acfbe29fab50c4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

uqkygq Size: 336KB - Virtual size: 333KB

aaoieg Size: 4KB - Virtual size: 2KB

wwmmu Size: 48KB - Virtual size: 46KB

cykiq Size: 8KB - Virtual size: 5KB

uqkygq
Size: 336KB - Virtual size: 333KB

aaoieg
Size: 4KB - Virtual size: 2KB

wwmmu
Size: 48KB - Virtual size: 46KB

cykiq
Size: 8KB - Virtual size: 5KB