5fe40ea14dbe1a4a5e3361e178c2f6531c74e9742f09ebf4f53cdf5c0ab95414

Sharing

Copy URL Twitter E-mail

General

Target

5fe40ea14dbe1a4a5e3361e178c2f6531c74e9742f09ebf4f53cdf5c0ab95414
Size

87KB
MD5

0dbfe8dd6a7fc3189f671230a1c35676
SHA1

f5ab8474d0f96bdb50494d43890a0e6a9f6c842f
SHA256

5fe40ea14dbe1a4a5e3361e178c2f6531c74e9742f09ebf4f53cdf5c0ab95414
SHA512

67d81233ae0e3b2f54683cefdca5461a2e890bff58648ac39b94788e21522371438baef137f98d3d0f24bd41676aa9e3f70ca9c2e54dc6f319e56b3e5d3d1ac2
SSDEEP

1536:FrLm7Iegu4JagPZlvYpNeFDQHImQUqozwMCe4T89KEmt7zwPqglIMcm6SKOr:o7IegbJ7ZtSNeRrm1qgwLGO7zJgqXST

Score

N/A

Malware Config

Signatures

Files

5fe40ea14dbe1a4a5e3361e178c2f6531c74e9742f09ebf4f53cdf5c0ab95414
.exe windows x86

dfe171179fda2b5c8ffccc77375e2c49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetProcAddress
GetWindowsDirectoryA
SetFileTime
GetCPInfo
SetLastError
GetStartupInfoW
GetSystemDefaultLCID
VirtualProtectEx
OpenProcess
GetEnvironmentStringsW
GetCurrentProcessId
WideCharToMultiByte
GetCommandLineW
GetDriveTypeA
GetProcessHeap
VirtualProtect
IsDBCSLeadByte
GetPrivateProfileStringA
GetConsoleOutputCP
MulDiv
GetModuleHandleW
WritePrivateProfileStringA

msvcrt

_adjust_fdiv
_XcptFilter
strchr
__p__fmode
__setusermatherr
_except_handler3
_exit
strstr
_initterm
signal
fwrite
_snprintf
fread
strncmp
atexit
_setmode
calloc
free
realloc
_stricmp
__p__commode
malloc
__getmainargs
__set_app_type
__p___initenv
_controlfp

ole32

CoDisconnectObject
CoRegisterMessageFilter
CoRegisterClassObject
IIDFromString
OleSetMenuDescriptor
CoGetClassObject
StgCreateDocfileOnILockBytes
CoUninitialize
OleRun
CoGetInterfaceAndReleaseStream
CoCreateGuid
CoTaskMemFree
OleIsCurrentClipboard
StgOpenStorage

comctl32

PropertySheetA
CreatePropertySheetPageA
ImageList_LoadImageW
DestroyPropertySheetPage
ImageList_DrawEx
ImageList_Remove
ImageList_Destroy
ImageList_Add
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_SetImageCount

gdi32

PolyDraw
DeleteMetaFile
FillPath
GetWinMetaFileBits
GetROP2
CopyMetaFileW
GetObjectW

advapi32

CheckTokenMembership
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
GetTokenInformation
LookupPrivilegeValueW
RegQueryValueExW
DeleteService
CloseServiceHandle
RegDeleteValueW
RegFlushKey
RegCreateKeyA
ControlService
RegQueryInfoKeyW
GetUserNameA
CryptHashData
CryptCreateHash

user32

GetKeyboardType
GetScrollPos
GetDC
DestroyMenu
CheckMenuItem
IsZoomed
InvalidateRect
GetScrollRange
MessageBeep
CallWindowProcA
CharNextA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfe171179fda2b5c8ffccc77375e2c49

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

comctl32

gdi32

advapi32

user32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 61KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 61KB

.rsrc
Size: 7KB - Virtual size: 7KB