5d0ef49316b245f24380b2d058fb70221c0e59a456bd10b94bb95b19caa91bde

Sharing

Copy URL Twitter E-mail

General

Target

5d0ef49316b245f24380b2d058fb70221c0e59a456bd10b94bb95b19caa91bde
Size

132KB
MD5

0822ef048b2ccf2f0c230d58ac59ef70
SHA1

01e0805556340c86d7c9e29c08b35c4445c783a9
SHA256

5d0ef49316b245f24380b2d058fb70221c0e59a456bd10b94bb95b19caa91bde
SHA512

f4cc625b2f7e776c98dfe6db38b00bf609b50609182b0f1b4e6cda86194d2f3824d1cb21361087335f9483f003b3be7436d554c95ed41a2e72b90f6bac3d32af
SSDEEP

3072:V8IUZ5l+ee1vyeczYO03/I8M62sqlT7kgXOe1Ek+70:V8X/5sOuM6pe+e1Ekz

Score

N/A

Malware Config

Signatures

Files

5d0ef49316b245f24380b2d058fb70221c0e59a456bd10b94bb95b19caa91bde
.exe windows x86

c8bd82cad0a6737ab16c05da52190d35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetEnvironmentStrings
VirtualProtect
GetUserDefaultLangID
GetVersionExW
GetConsoleOutputCP
GetStartupInfoA
GetDateFormatA
GetModuleHandleW
LocalFree
GetCurrentProcessId
GlobalLock
GetModuleHandleA
CreateProcessA
GetCommandLineW
GetTempFileNameA
WritePrivateProfileStringA

msvcrt

fwrite
exit
__setusermatherr
localeconv
fread
_except_handler3
__set_app_type
_adjust_fdiv
log
__p__commode
_acmdln
_controlfp
__getmainargs
_XcptFilter
rand
_initterm
fgetc
_wfopen
isspace
__p__fmode

user32

SendDlgItemMessageA
CharNextA
IntersectRect
WindowFromPoint
FindWindowA
RegisterClassA
MessageBeep

ole32

CreateStreamOnHGlobal
CoFreeUnusedLibraries
CoInitializeSecurity
CLSIDFromString
CoGetClassObject
OleIsCurrentClipboard
StringFromGUID2

advapi32

RegQueryValueA
RegOpenKeyA
CryptGenRandom
DeregisterEventSource
RegDeleteValueW
InitializeAcl
IsValidSid
CryptCreateHash
AddAccessAllowedAce
CopySid
RegEnumKeyExA
FreeSid
QueryServiceStatus
RegEnumValueW

comctl32

ImageList_GetIcon
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Draw
ImageList_Read
ImageList_ReplaceIcon
InitializeFlatSB

gdi32

SetColorAdjustment
StartDocA
GetOutlineTextMetricsA
SetWindowExtEx
CreateDIBitmap
GetTextExtentPoint32W
GetDIBits
SetDIBits
StretchBlt
EnumFontFamiliesA

version

GetFileVersionInfoW
VerQueryValueA
VerInstallFileA
VerLanguageNameA
VerFindFileW
VerInstallFileW
GetFileVersionInfoA

oleaut32

SafeArrayPtrOfIndex
VariantClear
GetActiveObject
VariantCopyInd
SysAllocStringByteLen
SafeArrayRedim
SysStringByteLen
GetErrorInfo
SysFreeString
VariantCopy

shell32

SHGetFolderLocation
SHGetSettings
ExtractIconExW
DragFinish

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8bd82cad0a6737ab16c05da52190d35

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

advapi32

comctl32

gdi32

version

oleaut32

shell32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 96KB - Virtual size: 96KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 96KB - Virtual size: 96KB