3baab388bad23fe2abe52258811a3b9e62a8e54ef18c539df75e96a237442415

Sharing

Copy URL Twitter E-mail

General

Target

3baab388bad23fe2abe52258811a3b9e62a8e54ef18c539df75e96a237442415
Size

112KB
MD5

290df7a0d7182476be194224496a0b00
SHA1

51b20f5273c6dec0adcf8563eccb0e2f5d389b0c
SHA256

3baab388bad23fe2abe52258811a3b9e62a8e54ef18c539df75e96a237442415
SHA512

cb416aa86c165dab9c87cc76d6d6fe0dac0a6c306ccf24fd6bd41d00b9c572847c6a70376ae45a1abdaace48533f84a65860395129841cedae1285983c411b1f
SSDEEP

3072:iBvptwnj289z1uMF/jPoLz3VSDADeak7dJHB/AdGo:Ccnd9z1uMNjM3VSsQLH5Adz

Score

N/A

Malware Config

Signatures

Files

3baab388bad23fe2abe52258811a3b9e62a8e54ef18c539df75e96a237442415
.exe windows x86

e72c5092640c02858f387930f0611919

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
FindFirstFileA
FindClose
WriteFile
ReadFile
GetModuleFileNameA
WaitForSingleObject
CreateProcessA
GetCurrentProcess
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
GlobalAlloc
GlobalUnlock
FindNextFileA
CreateFileA
GetTimeZoneInformation
GetSystemTime
CompareStringA
SetEndOfFile
CompareStringW
SetStdHandle
SetFilePointer
GetStringTypeA
IsBadCodePtr
GetStringTypeW
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadReadPtr
FlushFileBuffers
VirtualFree
VirtualAlloc
HeapDestroy
GetFileType
HeapCreate
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
CloseHandle
GetLocalTime
DeleteFileA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetOEMCP
GetACP
UnhandledExceptionFilter
LCMapStringA
GetCPInfo
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
SetEnvironmentVariableA
SetCurrentDirectoryA
LCMapStringW
WideCharToMultiByte
GetVersion
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
HeapReAlloc
HeapSize

user32

InvalidateRect
GetClientRect
SetForegroundWindow
ShowWindow
DestroyWindow
CreateDialogParamA
PostQuitMessage
UpdateWindow
SendMessageA
GetDlgItem
EndPaint
ReleaseDC
GetDC
MessageBoxA
BeginPaint
SetWindowTextA
LoadStringA
ExitWindowsEx
GetMessageA
DispatchMessageA
PeekMessageA
TranslateMessage
EndDialog
DialogBoxParamA
SendDlgItemMessageA

gdi32

CreateDIBitmap
RealizePalette
SelectPalette
CreatePalette
DeleteDC
StretchBlt
SetStretchBltMode
GetObjectA
SelectObject
CreateCompatibleDC
DeleteObject

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

ShellExecuteA

comctl32

ord17

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e72c5092640c02858f387930f0611919

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 44KB - Virtual size: 41KB