809baf37c99ff487fbc0e3c1ac4ffe43742fc6969f89879d1aa3abe10ae39c16

Sharing

Copy URL Twitter E-mail

General

Target

809baf37c99ff487fbc0e3c1ac4ffe43742fc6969f89879d1aa3abe10ae39c16
Size

48KB
MD5

d27de2ff4c6338816724d3e9cbcd4761
SHA1

05a4517bd82396e72d0ffa7cb9b9dbdd50b24735
SHA256

809baf37c99ff487fbc0e3c1ac4ffe43742fc6969f89879d1aa3abe10ae39c16
SHA512

4e98076317f4e9088edb88a3ec5df1dee7917e512c3783af1128fa82ab5c463166058e16621d35ce955981c0bca71f44c9129eb4d965520bd724dc8c54f9314e
SSDEEP

1536:fS2nCMiEOMUB5mjWDQlZIK/3rtfD6oEfOo9:a2nKJMeEWD2dpf2fOo

Score

N/A

Malware Config

Signatures

Files

809baf37c99ff487fbc0e3c1ac4ffe43742fc6969f89879d1aa3abe10ae39c16
.exe windows x86

6f33bcf276ee5c5c2578e32faca9e814

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

atl

AtlMarshalPtrInProc

advpack

RegInstall

kernel32

lstrcpynA
lstrcpyA
SetEvent
VirtualAlloc
InterlockedIncrement
HeapFree
HeapReAlloc
InterlockedDecrement
LoadLibraryA
DeleteCriticalSection
GetDiskFreeSpaceA
CreateThread
InitializeCriticalSection
lstrcmpA
GetSystemDirectoryA
GetWindowsDirectoryA
CloseHandle
GetProcAddress
lstrlenA
lstrcmpiA
CreateFileA
HeapSize
lstrcatA
LocalFree
DisableThreadLibraryCalls
GetTickCount
FreeLibrary
GetModuleHandleA
GetProcessHeap
GetModuleFileNameA
LocalAlloc
CreateEventA

ntdll

NtAddAtom

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyA

user32

wsprintfA
CharUpperA
PeekMessageA
ReleaseDC
CharPrevA
SetWindowTextA
SetDlgItemTextA
CheckDlgButton
CreateDialogParamA
SendDlgItemMessageA
SendMessageA
IsDlgButtonChecked
SetWindowLongA
DialogBoxParamA
IsWindow
MsgWaitForMultipleObjects
GetSysColor
GetWindowTextA
DispatchMessageA
LoadBitmapA
GetDC
ShowWindow
InvalidateRect
DrawTextA
TranslateMessage
MessageBoxA
EndDialog
DestroyIcon
SetWindowPos
GetWindowLongA
LoadStringA
DestroyWindow
GetClientRect
EnableWindow
GetDlgItem
IsDialogMessageA
GetWindowRect
LoadImageA

gdi32

SelectObject
SetBkColor
CreateCompatibleDC
CreateFontIndirectA
ModifyWorldTransform
CreateSolidBrush
SetWindowOrgEx
RestoreDC
DeleteDC
GetTextMetricsA
DPtoLP
SetViewportOrgEx
SaveDC
GetObjectA
DeleteObject
SetTextColor
BitBlt
ExtTextOutA
SetGraphicsMode
GetDeviceCaps

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f33bcf276ee5c5c2578e32faca9e814

Headers

File Characteristics

Imports

atl

advpack

kernel32

ntdll

version

ole32

advapi32

user32

gdi32

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 428B

.idata Size: 46KB - Virtual size: 45KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 448B

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 46KB - Virtual size: 45KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 448B