21b0fbea2465df9ffd75300a58962b43114f870cc75e23834243de3e84c7f14e

Sharing

Copy URL Twitter E-mail

General

Target

21b0fbea2465df9ffd75300a58962b43114f870cc75e23834243de3e84c7f14e
Size

168KB
MD5

279b7b040c6a676e9dba70328ece91d0
SHA1

dd610f38a346156a5ba8c51c807e7685761b75ae
SHA256

21b0fbea2465df9ffd75300a58962b43114f870cc75e23834243de3e84c7f14e
SHA512

76156e2ff1fec165097d5b7d53d1f38d02fc700129db546c16a147e7f09d164734b47e09ae656b9514c5fa4b9ea06a8c1a820691b89e9eca5accfcc1a40a69ff
SSDEEP

3072:02Vv1g5JHTyjkqLZAwqqJcoBf/HlXQFW26afb0/TZ4qjFZ1fDuT1c/:02U5JHTy1AVcHVed0reqZ3g

Score

N/A

Malware Config

Signatures

Files

21b0fbea2465df9ffd75300a58962b43114f870cc75e23834243de3e84c7f14e
.exe windows x86

70f41855109fad1c83ee5372bcae09c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQueryEx
GetEnvironmentStringsW
GetEnvironmentVariableA
ReadProcessMemory
WideCharToMultiByte
LoadLibraryA
GetCommandLineW
WaitForSingleObject
TerminateProcess
VerLanguageNameA
GlobalFree
GlobalLock
GlobalAlloc
SetPriorityClass
GetTimeFormatA
CreateFileMappingA
CreateFileA
FileTimeToLocalFileTime
GetFileTime
GetPriorityClass
GetModuleHandleA
GetProcAddress
GetCurrentProcess
CloseHandle
IsBadStringPtrA
lstrlenA
lstrcmpiA
lstrcmpA
GetCurrentProcessId
lstrcpyA
GetVersion
MultiByteToWideChar
MapViewOfFile
lstrcpynA
UnmapViewOfFile
GetLastError
OpenProcess
GetDateFormatA
FileTimeToSystemTime
GlobalUnlock
GetStringTypeA
LCMapStringA
WriteFile
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetStdHandle
GetStdHandle
SetHandleCount
SetFilePointer
ReadFile
SetEndOfFile
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
GetStringTypeW
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
FlushFileBuffers
GetCPInfo
GetModuleFileNameA
GetACP
GetOEMCP
DeleteFileA
GetFileType

user32

TranslateAcceleratorA
GetMenuItemInfoA
LoadMenuA
DispatchMessageA
GetDlgItemTextA
WinHelpA
GetMessageA
GetClassInfoA
LoadAcceleratorsA
TranslateMessage
EmptyClipboard
OpenClipboard
wsprintfA
SetClipboardData
GetWindowLongA
LoadStringA
FindWindowA
SendMessageA
SetDlgItemTextA
GetDesktopWindow
GetSystemMetrics
LoadImageA
LoadIconA
LoadCursorA
RegisterClassExA
RegisterClassA
CloseClipboard
EnableMenuItem
GetWindowTextA
GetIconInfo
GetClassLongA
GetKeyState
EndDialog
SetCapture
SetCursor
WindowFromPoint
GetMenu
PostMessageA
GetWindowThreadProcessId
CreateWindowExA
ShowWindow
UpdateWindow
DefFrameProcA
DefMDIChildProcA
DefDlgProcA
DefWindowProcA
GetWindowDC
PostQuitMessage
InsertMenuItemA
DeleteMenu
CheckMenuItem
MoveWindow
InvalidateRect
GetDlgItem
GetWindow
CharNextExA
MessageBoxA
KillTimer
SetTimer
GetWindowRect
ReleaseDC
SetWindowPos
SetWindowTextA
GetMenuStringA
GetSubMenu
GetCursorPos
SetForegroundWindow
TrackPopupMenu
GetClientRect
DestroyWindow
GetParent
DialogBoxParamA

gdi32

DeleteObject
LineTo
MoveToEx
SetROP2
SelectObject
GetStockObject

comdlg32

GetSaveFileNameA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

shell32

Shell_NotifyIconA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CoUninitialize
CoCreateInstance
CoInitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ord17
ImageList_Add
ImageList_Create
ImageList_Destroy
ord6
CreateToolbarEx

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

70f41855109fad1c83ee5372bcae09c7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

version

comctl32

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 32KB - Virtual size: 29KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 32KB - Virtual size: 29KB

.rmnet
Size: 60KB - Virtual size: 60KB