058a20e86b25ecd9316696e648914d88f381fd437550876efe014a70015fd9e2

General

Target

058a20e86b25ecd9316696e648914d88f381fd437550876efe014a70015fd9e2
Size

151KB
MD5

504134f08ec7ade975c4de8b4eca5dff
SHA1

5b94424fc370d614475945a7047f9fead2387bfd
SHA256

058a20e86b25ecd9316696e648914d88f381fd437550876efe014a70015fd9e2
SHA512

5a750f5481808040f8dd6fa901cffe0acd88ec7e4d6d11e23a98e6cf58a578c2b84a8c9194c0d51b7e57310b9a6c067074c9db8753af8b5b18e6d55a939045d9
SSDEEP

3072:fXpof646mINQB6jyO1jN4FX4RV88/FJFcyB1BmH:j4vINLjjGFAdNPcyt

Score

N/A

Malware Config

Signatures

Files

058a20e86b25ecd9316696e648914d88f381fd437550876efe014a70015fd9e2
.exe windows x86

e7a24a9048dfc6c4a71e451f6b245d67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetDiskFreeSpaceA
VirtualAlloc
GetSystemDefaultLangID
SetErrorMode
SetEvent
CreateFileA
DeleteCriticalSection
WideCharToMultiByte
lstrcmpiA
Sleep
EnterCriticalSection
CreateThread
GetDateFormatA
IsBadReadPtr
ExitProcess
CreateEventA
LoadLibraryA
lstrcpynA
GetThreadLocale
HeapAlloc
MulDiv

comctl32

ImageList_Destroy
ImageList_Write
ImageList_Create
ImageList_Draw
ImageList_Read
ImageList_Add
ImageList_GetBkColor
ImageList_Remove
ImageList_DragShowNolock
ImageList_DrawEx

shell32

SHGetDesktopFolder
Shell_NotifyIconA
SHFileOperationA
SHGetDiskFreeSpaceA
DragQueryFileA

user32

IsCharLowerA
GetMenu
BeginPaint
LoadIconA
IsWindowEnabled
CharLowerA
AdjustWindowRectEx
CallNextHookEx

Exports

Exports

XFxcCV7oGc@4
_P1VTqf

Sections

CODE
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: 1024B - Virtual size: 847B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7a24a9048dfc6c4a71e451f6b245d67

Headers

File Characteristics

Imports

kernel32

comctl32

shell32

user32

Exports

Exports

Sections

CODE Size: 32KB - Virtual size: 32KB

.rdata Size: 10KB - Virtual size: 98KB

.data Size: 95KB - Virtual size: 95KB

.idata Size: 1KB - Virtual size: 1KB

.tdata Size: 1024B - Virtual size: 847B

.rsrc Size: 8KB - Virtual size: 8KB

CODE
Size: 32KB - Virtual size: 32KB

.rdata
Size: 10KB - Virtual size: 98KB

.data
Size: 95KB - Virtual size: 95KB

.idata
Size: 1KB - Virtual size: 1KB

.tdata
Size: 1024B - Virtual size: 847B

.rsrc
Size: 8KB - Virtual size: 8KB