521651e78716e78ecce4e5a5edd39250cab47dc10d6b93b4118cbb3c6276985c

Sharing

Copy URL Twitter E-mail

General

Target

521651e78716e78ecce4e5a5edd39250cab47dc10d6b93b4118cbb3c6276985c
Size

103KB
MD5

0c874859a6fc79bb02752061221dfb16
SHA1

185c41b4a37116e719956030ba242cbaa6c94c87
SHA256

521651e78716e78ecce4e5a5edd39250cab47dc10d6b93b4118cbb3c6276985c
SHA512

31fdaadf8d751cb5da0814d73e1e27fbe1de36f865943e30c49072475c16290741de9528d1d2e0277231ade9a9e0f5aa05e7e1a4a4196f8f5bf61381bb7bb68d
SSDEEP

1536:NLrPviOdQukM9TtZgd3N5pkIM+QdnUCUoH9UJ88OMBYr45RWkaYHAdvJwvTd:NLrP7x8dd5w+sU7Ss8FMmUodhk

Score

N/A

Malware Config

Signatures

Files

521651e78716e78ecce4e5a5edd39250cab47dc10d6b93b4118cbb3c6276985c
.exe windows x86

1b26a84ff6e0b266ca82218f96010d5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
GetModuleFileNameW
GetDiskFreeSpaceA
lstrcmpiW
GetCurrentThreadId
GetTickCount
VirtualProtect
GetFileAttributesA
GetNumberFormatA
lstrcatA
IsBadReadPtr
VirtualQuery
CreateDirectoryA

msvcrt

strlen
__set_app_type
__getmainargs
strncmp
__p__environ
_vsnprintf
_exit
__p__commode
_controlfp
atexit
__p___initenv
memmove
sinh
free
_adjust_fdiv
_except_handler3
calloc
_XcptFilter
__p__fmode
_initterm
__setusermatherr
strrchr
sprintf

comdlg32

GetOpenFileNameA

user32

KillTimer
TranslateMessage
wsprintfA
EndPaint
CreatePopupMenu
SetDlgItemTextA
WindowFromPoint
GetSystemMetrics
SetScrollRange
ShowOwnedPopups
SetClipboardData
GetScrollInfo
GetParent
DestroyMenu

ole32

CoInitializeSecurity
CoCreateGuid
ReleaseStgMedium
CLSIDFromString
OleInitialize
CLSIDFromProgID
IIDFromString
CoUninitialize
CoReleaseMarshalData

comctl32

InitializeFlatSB
ImageList_Read
ImageList_GetIconSize
ImageList_GetBkColor
ImageList_BeginDrag
DestroyPropertySheetPage
ImageList_GetImageInfo
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_Draw
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_LoadImageA
ImageList_Create
ImageList_GetImageCount
CreatePropertySheetPageW

gdi32

SetDIBits
GetOutlineTextMetricsA
LPtoDP
RoundRect
GetRgnBox
CreateEnhMetaFileA
CreatePenIndirect
CreateFontIndirectA
ExtTextOutW
ExtEscape
SetBkColor
GetTextExtentPointA
ExtFloodFill
GetCharWidthW
SetColorAdjustment

advapi32

OpenSCManagerA
RegCreateKeyExW
RegQueryValueA
EqualSid
OpenThreadToken
IsValidSid
InitializeSecurityDescriptor
RegEnumKeyW
RegEnumKeyA
DeleteService
SetSecurityDescriptorDacl
RegCreateKeyExA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b26a84ff6e0b266ca82218f96010d5a

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

ole32

comctl32

gdi32

advapi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 38KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 38KB

.rsrc
Size: 28KB - Virtual size: 27KB