fd0fba3c80c32d2f0d13cae68be2f4a3d7601766adec650fac26d903e9fd934e

General

Target

fd0fba3c80c32d2f0d13cae68be2f4a3d7601766adec650fac26d903e9fd934e
Size

60KB
MD5

44486b9292d58b348be382e9a021612e
SHA1

5a48e99312611933811810aa740592e3f4f69b97
SHA256

fd0fba3c80c32d2f0d13cae68be2f4a3d7601766adec650fac26d903e9fd934e
SHA512

43f0c8cf48be75bfa10f9186238ba18f6afa1b11037ede0e4c11705ae3e19b7cf991471f9b82f75c9c934935d45b57994f6d1e6729166ec1ea9a3a5697a28d02
SSDEEP

1536:ejuJw3T4JoBjYDxkxblBa18OC0lqMRxgULh4H:ejuJJJiukT8sIquBLO

Score

N/A

Malware Config

Signatures

Files

fd0fba3c80c32d2f0d13cae68be2f4a3d7601766adec650fac26d903e9fd934e
.exe windows x86

7105f60855a1f1adccb713daa6131d91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorW
SetCursor
EnumChildWindows
SystemParametersInfoA
GetWindowLongA
PostMessageA
LoadStringA
SendMessageA
MessageBoxA
DefWindowProcA
DispatchMessageA
IsWindow
CheckMenuItem
KillTimer
SetTimer
GetMessageW
ShowWindow
EnableWindow
DestroyIcon
LoadImageW
GetSysColor
BeginPaint
GetDC
ReleaseDC
GetSysColorBrush
SetWindowLongW
LoadStringW
CharNextW
GetWindow
EndPaint
GetParent

kernel32

GetProcAddress
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetModuleFileNameA
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameW
GetLastError
GetCurrentThread
GetCommandLineA
GetEnvironmentStringsW
CreateMutexA
lstrlenA
LocalAlloc
GetCurrentProcessId
GetStdHandle
GetVersionExA
GetPriorityClass
LoadLibraryA
GetModuleHandleW
UnhandledExceptionFilter
GetCurrentProcess
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
TerminateProcess

setupapi

SetupQueueRenameSectionA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7105f60855a1f1adccb713daa6131d91

Headers

File Characteristics

Imports

user32

kernel32

setupapi

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 32KB - Virtual size: 73KB

.rsrc Size: 4KB - Virtual size: 1024B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 32KB - Virtual size: 73KB

.rsrc
Size: 4KB - Virtual size: 1024B