0698f51f5d7903bcd5eb55c2b9d320972dd10f9fa7a15d8382d43a166924344b

Sharing

Copy URL Twitter E-mail

General

Target

0698f51f5d7903bcd5eb55c2b9d320972dd10f9fa7a15d8382d43a166924344b
Size

140KB
MD5

2752489abe1eb97fe99e88a75a13188c
SHA1

acbff52cfe1999ceabeac05d0a1cf765cdabceb0
SHA256

0698f51f5d7903bcd5eb55c2b9d320972dd10f9fa7a15d8382d43a166924344b
SHA512

cc1e3d938b125579887008132d2f82fa849def77a24e11ff79500cf2ad49f3120d5d489b9a49aa73d85d14b0f4fbb02202a9dc14de7774af555be91b001d017d
SSDEEP

3072:0eQRD3Fwn6U5yhEaM+qa/X/i+0fnL7e78QolO/B:0bF6QEt+qam/L8oU5

Score

N/A

Malware Config

Signatures

Files

0698f51f5d7903bcd5eb55c2b9d320972dd10f9fa7a15d8382d43a166924344b
.exe windows x86

cf6c01e3dae86979d0bdea6283cc4c3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
GetModuleHandleA
SetFileTime
SetThreadLocale
GetCommandLineW
GetStartupInfoA
GlobalUnlock
InterlockedExchange
GetSystemDirectoryW
GetLocaleInfoA

msvcrt

strchr
_getpid
exit
__getmainargs
_initterm
_except_handler3
tolower
__p__fmode
_acmdln
_adjust_fdiv
_mkdir
log
__setusermatherr
__p__commode
_XcptFilter
_c_exit
_unlink
__p___initenv
__initenv
__set_app_type

user32

GetCursorPos
GetActiveWindow
UnhookWindowsHookEx
GetPropA
FillRect
DestroyIcon
ClientToScreen
SetActiveWindow

shell32

SHCreateDirectoryExW
ExtractIconExW
SHCreateDirectoryExA
ShellExecuteEx
SHBrowseForFolder
FindExecutableW
ExtractIconExA
SHGetFolderPathA
SHGetSpecialFolderPathW
SHGetPathFromIDListA
SHFileOperationW
DragQueryFileA

ole32

StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoTaskMemFree
RevokeDragDrop
StgOpenStorageOnILockBytes
CLSIDFromString
CreateBindCtx
OleSetMenuDescriptor
IsEqualGUID
CoSetProxyBlanket
CoRevokeClassObject
StringFromGUID2

comctl32

CreatePropertySheetPageW
ImageList_SetImageCount
ImageList_GetImageInfo
ImageList_GetBkColor
ImageList_SetOverlayImage
ImageList_Create
ImageList_Replace

oleaut32

CreateErrorInfo
SysAllocStringLen
SafeArrayRedim
SysFreeString
GetActiveObject

advapi32

SetSecurityDescriptorDacl
CryptHashData
RegDeleteValueA
LookupPrivilegeValueA
RegEnumValueW
RegEnumValueA
FreeSid

version

VerQueryValueW
VerLanguageNameA

gdi32

ExtTextOutA
FrameRgn
PolylineTo
SetEnhMetaFileBits
LPtoDP
GetWindowExtEx
CopyEnhMetaFileA

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf6c01e3dae86979d0bdea6283cc4c3d

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

ole32

comctl32

oleaut32

advapi32

version

gdi32

Sections

.text Size: 63KB - Virtual size: 63KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 63KB - Virtual size: 63KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 27KB - Virtual size: 27KB