577849aa976ab93e4626d4742fb0a8e0ed8d20a29b538eb2da9ceaec4ed81d50

Sharing

Copy URL Twitter E-mail

General

Target

577849aa976ab93e4626d4742fb0a8e0ed8d20a29b538eb2da9ceaec4ed81d50
Size

136KB
MD5

0ecd299320823509eaaa4c278cb06be0
SHA1

11c71cbff17d4f0eade1044af4ff1607f9654089
SHA256

577849aa976ab93e4626d4742fb0a8e0ed8d20a29b538eb2da9ceaec4ed81d50
SHA512

15d94a6debad622ba30f46efb410519ea48605e2473596b01276be95723d25f97aba0f19da130b868f17e5974bd6ad2025adc0214401989eca4362848d72bf55
SSDEEP

3072:QBMvlUJqWBAbzyh70rMXOQlVKWsPFoWmkUl11fJ:F5rLQlV9b11

Score

N/A

Malware Config

Signatures

Files

577849aa976ab93e4626d4742fb0a8e0ed8d20a29b538eb2da9ceaec4ed81d50
.exe windows x86

974df077726b53add899d2b9aef16fb6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord156
StrCmpNW
SHRegEnumUSKeyW
StrFormatByteSizeW
PathIsContentTypeA

shell32

ord173
SHBrowseForFolderA

kernel32

GetModuleHandleA
lstrcatW
lstrcpyA
OpenFile
SetFilePointer
SetFilePointerEx
_lclose
ClearCommBreak
EnumResourceTypesA
SetProcessPriorityBoost
TerminateThread
HeapDestroy
lstrcmpiW
GetHandleInformation
LocalAlloc
WaitForMultipleObjects
GetProcessAffinityMask
CreateMailslotA
GetFileTime
_lopen
CloseHandle
DeleteFileW
CopyFileExA
GetLocalTime
GetProcAddress
lstrcmpiA
GetTempPathW
lstrcatA
FileTimeToDosDateTime
LoadLibraryW
FindResourceW
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
_lcreat
DosDateTimeToFileTime
GetAtomNameW

user32

EndPaint
DestroyIcon
DlgDirListW
IsWindowVisible
GetActiveWindow
CharLowerBuffA
CharUpperBuffA
GetWindowPlacement
SetForegroundWindow
EnumPropsW
RemovePropW
PostMessageW
SetMenuItemBitmaps
InvalidateRgn
SendMessageA
BeginPaint
TranslateMessage
LockWindowUpdate
GetCursorInfo
SetPropA
SetScrollPos
PeekMessageA
ReleaseDC
TranslateAcceleratorA
GetWindowRgn
LoadAcceleratorsA
DispatchMessageA
SetWindowTextW
GetPropW
LoadCursorFromFileA
GetDC
GetDesktopWindow
SetMenuItemInfoA

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
GetBitmapBits
GetSystemPaletteEntries
LineTo
SetBoundsRect
GetCharWidth32W
ExtCreateRegion
SetViewportOrgEx
GetTextExtentPoint32W
SetBkColor
AngleArc
OffsetClipRgn
SetTextCharacterExtra
CreateScalableFontResourceW
UpdateColors

advapi32

ObjectDeleteAuditAlarmA
GetSidLengthRequired
EqualPrefixSid
EqualSid
PrivilegedServiceAuditAlarmW

Exports

Exports

_Copy_Setup@12
_Create_Setup@12
_Set_Setup@12
_Update_Setup@12

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vars
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.const
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IMPORTS
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

974df077726b53add899d2b9aef16fb6

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.code Size: 7KB - Virtual size: 7KB

.data Size: - Virtual size: 164B

.vars Size: 512B - Virtual size: 372B

.zero Size: 3KB - Virtual size: 3KB

.const Size: 512B - Virtual size: 44B

IMPORTS Size: 512B - Virtual size: 155B

.rsrc Size: 116KB - Virtual size: 116KB

.reloc Size: 1024B - Virtual size: 688B

.text
Size: 5KB - Virtual size: 5KB

.code
Size: 7KB - Virtual size: 7KB

.data
Size: - Virtual size: 164B

.vars
Size: 512B - Virtual size: 372B

.zero
Size: 3KB - Virtual size: 3KB

.const
Size: 512B - Virtual size: 44B

IMPORTS
Size: 512B - Virtual size: 155B

.rsrc
Size: 116KB - Virtual size: 116KB

.reloc
Size: 1024B - Virtual size: 688B