483b91d80a7514a7d9d7da5d470f825a49a51654fdd3954549a4b42425937bbf

Sharing

Copy URL Twitter E-mail

General

Target

483b91d80a7514a7d9d7da5d470f825a49a51654fdd3954549a4b42425937bbf
Size

136KB
MD5

0dd73f690d7ba9f632411e783766a9fa
SHA1

ebd26c731f477baacc07640313bf3fdac155024a
SHA256

483b91d80a7514a7d9d7da5d470f825a49a51654fdd3954549a4b42425937bbf
SHA512

46a32fc478218f022e44f455efd5ba92388f3d39afb0c528ca224bddf2551e9dce396abb2fab270cc7a2b67ba4805bd1b980e049e69854955cd4c1ee686bb8f3
SSDEEP

3072:wrk+zUNWfMiCOQibXjFyZ25m8LFVWHOC0fuT4:YfM34Xjoam8LFSWuT

Score

N/A

Malware Config

Signatures

Files

483b91d80a7514a7d9d7da5d470f825a49a51654fdd3954549a4b42425937bbf
.exe windows x86

7e199c2de7e2d0a3edd8d0f27883fa71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord156
StrCmpNW
SHRegEnumUSKeyW
StrFormatByteSizeW
PathIsContentTypeA

shell32

ord173
SHBrowseForFolderA

kernel32

GetModuleHandleA
lstrcatW
lstrcpyW
lstrcpyA
OpenFile
SetFilePointer
SetFilePointerEx
_lclose
ClearCommBreak
EnumResourceTypesA
SetProcessPriorityBoost
TerminateThread
lstrcmpiW
GetAtomNameW
GetHandleInformation
LocalAlloc
WaitForMultipleObjects
GetProcessAffinityMask
CreateMailslotA
GetFileTime
_lopen
CloseHandle
DeleteFileW
CopyFileExA
GetLocalTime
GetProcAddress
lstrcmpiA
GetTempPathW
FileTimeToDosDateTime
LoadLibraryW
FormatMessageA
FindResourceW
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
_lcreat
DosDateTimeToFileTime
HeapDestroy

user32

EndPaint
DestroyIcon
DlgDirListW
IsWindowVisible
GetActiveWindow
CharLowerBuffA
CharUpperBuffA
GetWindowPlacement
SetForegroundWindow
EnumPropsW
RemovePropW
PostMessageW
SetMenuItemBitmaps
InvalidateRgn
SendMessageA
BeginPaint
TranslateMessage
LockWindowUpdate
GetCursorInfo
SetPropA
SetScrollPos
PeekMessageA
ReleaseDC
TranslateAcceleratorA
GetWindowRgn
LoadAcceleratorsA
DispatchMessageA
SetMenuItemInfoA
GetPropW
LoadCursorFromFileA
GetDC
GetDesktopWindow
SetWindowTextW

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
GetBitmapBits
GetSystemPaletteEntries
LineTo
SetBoundsRect
GetCharWidth32W
ExtCreateRegion
SetViewportOrgEx
GetTextExtentPoint32W
SetBkColor
AngleArc
OffsetClipRgn
SetTextCharacterExtra
CreateScalableFontResourceW
UpdateColors

advapi32

ObjectDeleteAuditAlarmA
GetSidLengthRequired
EqualPrefixSid
EqualSid
PrivilegedServiceAuditAlarmW

Exports

Exports

_Copy_Ico@12
_Create_Ico@12
_Set_Ico@12
_Update_Ico@12

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vars
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.const
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e199c2de7e2d0a3edd8d0f27883fa71

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.code Size: 7KB - Virtual size: 7KB

.data Size: - Virtual size: 160B

.vars Size: 4KB - Virtual size: 3KB

.zero Size: 512B - Virtual size: 512B

.const Size: 512B - Virtual size: 44B

.rsrc Size: 116KB - Virtual size: 115KB

.reloc Size: 1024B - Virtual size: 672B

.text
Size: 5KB - Virtual size: 5KB

.code
Size: 7KB - Virtual size: 7KB

.data
Size: - Virtual size: 160B

.vars
Size: 4KB - Virtual size: 3KB

.zero
Size: 512B - Virtual size: 512B

.const
Size: 512B - Virtual size: 44B

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 1024B - Virtual size: 672B