39fdfc49210e0f6f4895c95f3538fb3e63b9baa94ac17fb75785c9a647cd4843

Sharing

Copy URL

Twitter E-mail

General

Target

39fdfc49210e0f6f4895c95f3538fb3e63b9baa94ac17fb75785c9a647cd4843
Size

44KB
MD5

3b3a02f497de4b99b5617d3748f9962f
SHA1

87a04d98c18c0bb32f097f94d1d5d64a4c171f7f
SHA256

39fdfc49210e0f6f4895c95f3538fb3e63b9baa94ac17fb75785c9a647cd4843
SHA512

4ba50403063c63640874e715bb989ef2267ecccf06eb97b2fddf0ebd7c9a09a480e1c399cb1419c57a37771b8e7414e9ccb55bc37ea4cf51a219224caae1f9b4
SSDEEP

768:sJj5reuZhSsxD0jrAc5SJsFxTXETxd8nZ1Osd5/70/v:QZhSsxwz5esjTU96nZvd5/7kv

Score

N/A

Malware Config

Signatures

Files

39fdfc49210e0f6f4895c95f3538fb3e63b9baa94ac17fb75785c9a647cd4843
.exe windows x86

add13accf5111c581a2182c537c7e226

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_errno
_snprintf
__getmainargs
strrchr
strncpy
fread
_controlfp
signal
_XcptFilter
__set_app_type
abort
sqrt
__p__fmode
_initterm
free
calloc
_adjust_fdiv
fputc
__p__environ
__p___initenv
getenv
_onexit
_strnicmp
exit
_vsnprintf
__setusermatherr
__p__commode
_except_handler3
_write
_exit

comdlg32

GetOpenFileNameA

kernel32

GetACP
FreeEnvironmentStringsA
GlobalFree
GetCommandLineA
GetStringTypeExA
GetSystemTime
lstrlenA
GetVersionExW
IsDBCSLeadByte
lstrcmpiW
GetStringTypeW
GetNumberFormatA
VirtualProtectEx
GetLastError
SetCurrentDirectoryA
MoveFileA
MulDiv

user32

PostQuitMessage
EqualRect
GetClassInfoA
GetWindow
FindWindowA
CreatePopupMenu
SetDlgItemTextA
GetLastActivePopup
DefWindowProcA
PeekMessageA
GetTopWindow
RemoveMenu
DrawMenuBar
GetKeyState

comctl32

ImageList_AddMasked
ImageList_Write
PropertySheetA
ImageList_LoadImageA
ImageList_GetImageCount
ImageList_Destroy
ImageList_GetIcon
ImageList_BeginDrag

ole32

CoInitialize
CoInitializeSecurity
OleInitialize
GetRunningObjectTable
StgCreateDocfileOnILockBytes
OleRun
ReleaseStgMedium
StringFromCLSID
StringFromGUID2
RegisterDragDrop
CoGetMalloc
StringFromIID
CoTaskMemRealloc

gdi32

ScaleViewportExtEx
MoveToEx
GetCharWidthW
SetWindowOrgEx
EnumFontFamiliesExW
Pie
GetEnhMetaFileBits
ExcludeClipRect
CreateRoundRectRgn
GetMapMode
GetRegionData
AddFontResourceA
SetAbortProc

advapi32

RegQueryValueExW
InitiateSystemShutdownA
CryptCreateHash
CryptGenRandom
RegQueryInfoKeyW
AdjustTokenPrivileges
GetSecurityDescriptorDacl
AllocateAndInitializeSid
RegQueryValueA
CryptAcquireContextA
RegOpenKeyW
RegFlushKey
RegDeleteKeyA
RegSetValueExA
DeleteService
RegEnumValueA
OpenSCManagerA
ControlService
RegEnumKeyExA
OpenServiceW

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

add13accf5111c581a2182c537c7e226

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

comctl32

ole32

gdi32

advapi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 47KB

.rsrc Size: 28KB - Virtual size: 56KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 47KB

.rsrc
Size: 28KB - Virtual size: 56KB