a36e64b5b1f2a322914c6f309e69565aa0116c3e080cf0990245571ad52ff106

Sharing

Copy URL Twitter E-mail

General

Target

a36e64b5b1f2a322914c6f309e69565aa0116c3e080cf0990245571ad52ff106
Size

288KB
MD5

cbb8361646e0685cd46f12ca8a9b7282
SHA1

d8b41884e77e45778fcabc2543f417141e1f690d
SHA256

a36e64b5b1f2a322914c6f309e69565aa0116c3e080cf0990245571ad52ff106
SHA512

7dddf40f4944f37028d7ec8c4367b4493b0df45ec12429e5ba9750c9fcc07bb5ac839c94388014041e41b1ae895afc153eac19d6f36e7a6987fff7101738d0d4
SSDEEP

6144:Nhz1ilfzncsIedv3L51zQrf44qBRH3BoBNWBHEZTdB42N3EM1h3mB:rgBfIEvb3QsZBVxomRkTv4A0B

Score

N/A

Malware Config

Signatures

Files

a36e64b5b1f2a322914c6f309e69565aa0116c3e080cf0990245571ad52ff106
.exe windows x86

44e7f6d92c9a1396ce7348273a5e764f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetCapture
GetWindowLongA
SetWindowLongA
ReleaseDC
GetDC
IsWindow
CreateDialogParamA
BeginPaint
DrawTextA
EndPaint
SetCursor
ReleaseCapture
GetWindowTextA
GetDlgItem
SetWindowTextA
GetForegroundWindow
MsgWaitForMultipleObjects
EndDialog
wvsprintfA
MessageBoxA
wsprintfA
GetCapture
CallWindowProcA
GetClientRect
GetSystemMetrics
DispatchMessageA
TranslateMessage
SendMessageA
InvalidateRect
GetMessageA
PeekMessageA
LoadCursorA
DialogBoxParamA

kernel32

GetTickCount
CreateProcessA
WaitForSingleObject
CreateFileA
SetFilePointer
MultiByteToWideChar
WideCharToMultiByte
GetUserDefaultLCID
Sleep
FreeLibrary
LCMapStringA
GetStartupInfoA
lstrcpynA
MulDiv
lstrcpyA
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
GetModuleHandleA
GetProcAddress
OpenProcess
WriteProcessMemory
CreateWaitableTimerA
SetWaitableTimer
VirtualAlloc
VirtualFree
RtlMoveMemory
LoadLibraryA
GetProcessHeap
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetModuleFileNameA
ReadFile
GetFileSize
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

comctl32

ord17

gdi32

SelectObject
DeleteObject
GetDeviceCaps
CreateFontIndirectA

shell32

ShellExecuteA

atl

ord47
ord42

shlwapi

StrToIntExA
PathFileExistsA

advapi32

CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextA

msvcrt

strncpy
??3@YAXPAX@Z
tolower
strtod
srand
rand
??2@YAPAXI@Z
strncmp
atoi
_ftol
_CIfmod
_CIpow
strchr
modf
memmove
free
_stricmp
malloc
_strnicmp
sprintf

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleRun
CoUninitialize
CoInitialize

oleaut32

SafeArrayGetDim
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
VarR8FromCy
VarR8FromBool
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy
VariantInit
VariantChangeType
SafeArrayGetLBound

Sections

.text
Size: - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kp0
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kp1
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

44e7f6d92c9a1396ce7348273a5e764f

Headers

File Characteristics

Imports

user32

kernel32

comctl32

gdi32

shell32

atl

shlwapi

advapi32

msvcrt

ole32

oleaut32

Sections

.text Size: - Virtual size: 85KB

.rdata Size: - Virtual size: 3KB

.data Size: - Virtual size: 161KB

.kp0 Size: - Virtual size: 80KB

.kp1 Size: 269KB - Virtual size: 269KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: - Virtual size: 85KB

.rdata
Size: - Virtual size: 3KB

.data
Size: - Virtual size: 161KB

.kp0
Size: - Virtual size: 80KB

.kp1
Size: 269KB - Virtual size: 269KB

.rsrc
Size: 17KB - Virtual size: 17KB