ca44d34af23d11c4e9b276aba001379e2aa2bbc69768346810210f444b1c7fa0

Sharing

Copy URL

Twitter E-mail

General

Target

ca44d34af23d11c4e9b276aba001379e2aa2bbc69768346810210f444b1c7fa0
Size

78KB
MD5

0c70ae78f2c752842d511ba061e55e16
SHA1

dae145e081462e8ae7e7edadb8144133ecb503ae
SHA256

ca44d34af23d11c4e9b276aba001379e2aa2bbc69768346810210f444b1c7fa0
SHA512

cc020ccda0eb498331fd0f9210884e951bec7756245d03be0aa17e34a12eca8d11bdf9c887ec587dce58be3113e8aaca1ae289ed4a5ad86936604538368c2c33
SSDEEP

1536:A5cLjXZHqdGrEltcI08eZ3YwdURtn8tNmSzr2YQdA8EEjI:DXZUMElmI08u32EcrRI

Score

N/A

Malware Config

Signatures

Files

ca44d34af23d11c4e9b276aba001379e2aa2bbc69768346810210f444b1c7fa0
.exe windows x86

f0ccc3683f5e98ff23a1803be8741e91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
memcpy
_strnicmp
atexit
memset
_adjust_fdiv
_exit
_onexit
__set_app_type
__dllonexit
_controlfp
_setmode
_except_handler3
__p__fmode
__p__commode
signal
__p___initenv
_XcptFilter
__setusermatherr
strlen
calloc
_initterm
__getmainargs

kernel32

GetProcAddress
InterlockedExchange
GetModuleHandleW
SetLastError
GetSystemDirectoryW
GetCommandLineW
GetOEMCP
lstrcatA
GetFileTime
VirtualProtectEx
GetTempFileNameA
MultiByteToWideChar
GetModuleFileNameW
GetProcessHeap
GetLocaleInfoA
CreateDirectoryA

user32

GetMenuState
ScrollWindow
FindWindowA
IsWindowEnabled
LoadStringA
DestroyWindow
EqualRect
InflateRect
GetMenuStringA

ole32

IsAccelerator
CoInitialize
OleDraw
PropVariantClear
CoFreeUnusedLibraries
CLSIDFromString
CoTaskMemFree
CreateStreamOnHGlobal
ReleaseStgMedium
CoCreateGuid
DoDragDrop
CreateBindCtx

gdi32

CreateHalftonePalette
CreateCompatibleBitmap
FillPath
ExtTextOutW
AbortDoc
GetEnhMetaFilePaletteEntries
GetOutlineTextMetricsA
StrokePath
BeginPath
SetStretchBltMode
CreateRectRgnIndirect
CreateFontW
StartDocW
RealizePalette
SetTextCharacterExtra
EndDoc
GetWindowOrgEx
DeleteDC
EnumFontsA
RectVisible
GetTextExtentExPointW
SetMapMode

advapi32

IsValidSid
GetLengthSid
GetTokenInformation
RegQueryInfoKeyW
RegDeleteValueW
RegQueryValueExW
RegEnumKeyA
RevertToSelf
CryptGenRandom
InitiateSystemShutdownA
RegOpenKeyExA
RegCreateKeyExW

comctl32

DestroyPropertySheetPage
ImageList_DragLeave
ImageList_SetDragCursorImage
ImageList_Remove
PropertySheetA
ImageList_Draw
ImageList_BeginDrag
ImageList_Add
ImageList_DragEnter
ImageList_SetOverlayImage

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0ccc3683f5e98ff23a1803be8741e91

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

gdi32

advapi32

comctl32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 61KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 61KB

.rsrc
Size: 6KB - Virtual size: 6KB