fa114b19ca634888be317306d16cd70d47c354b6f75b8ad7970ac8c73eae2248

General

Target

fa114b19ca634888be317306d16cd70d47c354b6f75b8ad7970ac8c73eae2248
Size

71KB
MD5

33c9a09020b877c6502c895270b010a3
SHA1

e2f11442282b2b5d8478ee140ee78e48db63ffcb
SHA256

fa114b19ca634888be317306d16cd70d47c354b6f75b8ad7970ac8c73eae2248
SHA512

ec58d93caf7c129bfd5dc827f2b6e607617ebc881732d096fcba260e3980a32083160aa69c668c047530bb56181d1f5e803d5793f0cbcc6901fe506ff116824d
SSDEEP

1536:y19MydTQgJXuK/O5SAS13sIRUZ8sk4BQ6q380Qen+74bztCW0fEv0SDLXnst:AMydTLIUwEtsIRg8dqj2RgkzYWC0dQ

Score

N/A

Malware Config

Signatures

Files

fa114b19ca634888be317306d16cd70d47c354b6f75b8ad7970ac8c73eae2248
.zip
Forderung 18.08.2015 - Rechtsanwalt Directpay24 AG.com
.exe windows x86

afd4344ae7e632e48e223a6f08682c5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSLogoffSession
WTSVirtualChannelWrite
WTSOpenServerA
WTSUnRegisterSessionNotification
WTSQuerySessionInformationA
WTSFreeMemory
WTSVirtualChannelRead
WTSSendMessageA
WTSCloseServer
WTSSetUserConfigA
WTSQueryUserToken
WTSRegisterSessionNotification

msimg32

DllInitialize
TransparentBlt
GradientFill

user32

wsprintfW
LoadBitmapW
SendMessageA
EndDialog
InsertMenuA
InsertMenuA
EnumWindows
CreateWindowExW
DefDlgProcW
DrawTextExA
CreateDesktopA
GetPropA
FindWindowA
LoadImageW
EnumDesktopsA
MessageBoxA
LoadCursorA
OemToCharA

kernel32

CompareStringW
GetEnvironmentVariableW
GetLastError
GetProcAddress
CreateWaitableTimerW
OpenEventW
GetFileSize
CreateMutexW
CreateSemaphoreA
WaitForSingleObjectEx
GetCurrentProcess
GetStartupInfoW
InitializeCriticalSection
CreateEventA
GetStringTypeA
CreateDirectoryW
FormatMessageA
CopyFileA
GetOEMCP
GetModuleHandleA
GetCommandLineW

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afd4344ae7e632e48e223a6f08682c5a

Headers

File Characteristics

Imports

wtsapi32

msimg32

user32

kernel32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 220KB

.rsrc Size: 64KB - Virtual size: 61KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 220KB

.rsrc
Size: 64KB - Virtual size: 61KB

.reloc
Size: 4KB - Virtual size: 2KB