1604b2eecc0694878b6219bcd6250c2aac03ed7858918090e511bf7c13b42ee2

Sharing

Copy URL Twitter E-mail

General

Target

1604b2eecc0694878b6219bcd6250c2aac03ed7858918090e511bf7c13b42ee2
Size

171KB
MD5

0df90e7b69ca8519d8770a011d69c79f
SHA1

8d8e9077180cf7edb809cca41ce1b0d6747949f3
SHA256

1604b2eecc0694878b6219bcd6250c2aac03ed7858918090e511bf7c13b42ee2
SHA512

964e18c29165e6132689589f36ef97a491a1efcd8b481176211cfdd460a3d7bfe651a8aa146c9c4c78e0e744fb69ba2c4eee3fbe5386d6be19ee53465576d05c
SSDEEP

3072:bHLr83QtqcpVKveQ6gJix/C2l+Qsk2TyFeEBzuohXh/jnxlKnIaC:DLrwMpyqTKsbL2YeERB/Tb

Score

N/A

Malware Config

Signatures

Files

1604b2eecc0694878b6219bcd6250c2aac03ed7858918090e511bf7c13b42ee2
.exe windows x86

769bbe6bab950f96736ba8d87f34d953

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathUnquoteSpacesW
PathIsSameRootW
StrRChrA
PathMakePrettyW
PathIsUNCW

kernel32

FlushFileBuffers
GetPrivateProfileIntW
SetLastError
GetThreadLocale
PostQueuedCompletionStatus
CreateIoCompletionPort
GetEnvironmentVariableA
WriteProfileStringW
GetVolumeInformationW
EnumSystemCodePagesA
Sleep
VirtualQueryEx
GetProcessHeap
GetComputerNameA
GetTickCount
GetTimeFormatA
GetConsoleAliasExesLengthA
GetDriveTypeW
MapViewOfFile
lstrlenA
FreeEnvironmentStringsW

user32

CopyAcceleratorTableW
DdeInitializeW
SendNotifyMessageW
GetWindowDC
IsIconic
EnumClipboardFormats
LockWindowUpdate
OpenWindowStationA
GetScrollInfo
SystemParametersInfoW
DefWindowProcA
RemoveMenu
DefDlgProcA
ReleaseCapture
GetClipboardOwner
GetMessagePos
VkKeyScanA
RegisterClassA
LoadImageA

gdi32

SetROP2
EnumFontFamiliesExW
GetSystemPaletteEntries
GetNearestColor
PtInRegion
SetRectRgn
SetBkMode
GetDIBits
CreateFontIndirectW
SetMetaFileBitsEx
PlayMetaFile
GetTextExtentPoint32W
CreateEnhMetaFileW

Exports

Exports

?ExportedMainFunction@@YGKPAK@Z
AmisrompcepeDreePinkWeenyuchpotos

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

769bbe6bab950f96736ba8d87f34d953

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.data Size: 117KB - Virtual size: 181KB

.mdata Size: 19KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 3KB

.itext Size: 512B - Virtual size: 248B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 26KB - Virtual size: 25KB

.data
Size: 117KB - Virtual size: 181KB

.mdata
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 3KB

.itext
Size: 512B - Virtual size: 248B

.reloc
Size: 3KB - Virtual size: 2KB