2fc0611334138c4fb6947ce05640f475cfd342722c47a8ab9041c61e8dd81e14

Sharing

Copy URL Twitter E-mail

General

Target

2fc0611334138c4fb6947ce05640f475cfd342722c47a8ab9041c61e8dd81e14
Size

324KB
MD5

2c00e8462e4adeb47f5446aa8d6f61e0
SHA1

6bbd63edf00aa221e6834495cabac5bc4b94e2e5
SHA256

2fc0611334138c4fb6947ce05640f475cfd342722c47a8ab9041c61e8dd81e14
SHA512

1253cd2ee4a6349c53079959a42aa308371fb110f6c205ee3ad3cc250e73dbcae1429780fdb71e8fcd3aafec11c99abdbcc841dbf1041aaef0b7100d8faf832d
SSDEEP

3072:e5zaT3GhztDthHmu2+3UH9Hj8cuxvbL0YUxKeeeeeeeeeeeeeeeeeeeNXjHHwva5:eeoz9HG+3Ot4RUx9nwSygEIfN

Score

N/A

Malware Config

Signatures

Files

2fc0611334138c4fb6947ce05640f475cfd342722c47a8ab9041c61e8dd81e14
.exe windows x86

30117b436c8f6c0d74046e9ea4dee4e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassInfoExA
RegisterClassExA
FindWindowA
PostQuitMessage
PeekMessageA
TranslateMessage
DispatchMessageA
GetDlgCtrlID
GetSysColor
LoadIconA
LoadStringA
GetWindowTextA
MessageBoxA
SetWindowTextA
SetFocus
ShowWindow
EndDialog
DialogBoxParamA
GetDlgItem
SendMessageA
BeginPaint
LoadBitmapA
EnableWindow

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_Draw
ImageList_Create
ord17
ImageList_AddMasked

gdi32

CreateSolidBrush
GetObjectA
SetBkMode
SetTextColor

shell32

ShellExecuteExA

crypt32

CertSetCertificateContextProperty
CertFreeCertificateContext
CertCreateCertificateContext
CertGetNameStringA

hdifd_jh

ord224
ord240
ord242

kernel32

HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetFilePointer
GetVersionExA
GetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
GetLastError
GetSystemDefaultLangID
FreeLibrary
GetProcAddress
LoadLibraryA
WaitForSingleObject
Sleep
CreateMutexA
OpenMutexA
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
EnterCriticalSection
LeaveCriticalSection
HeapFree
CloseHandle
InitializeCriticalSection
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
DeleteCriticalSection
TlsAlloc
SetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30117b436c8f6c0d74046e9ea4dee4e6

Headers

File Characteristics

Imports

user32

advapi32

comctl32

gdi32

shell32

crypt32

hdifd_jh

kernel32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 32KB

.rsrc Size: 204KB - Virtual size: 203KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 32KB

.rsrc
Size: 204KB - Virtual size: 203KB

.rmnet
Size: 60KB - Virtual size: 60KB