d7064334a7d16ad5bc7cec3218a07541b821cf929ca65d45834c164ff920c043

Sharing

Copy URL Twitter E-mail

General

Target

d7064334a7d16ad5bc7cec3218a07541b821cf929ca65d45834c164ff920c043
Size

471KB
MD5

3c39ea55906e81b126e7fb7f4a71bb51
SHA1

749cfa98c4536b4baebf2e9d2901402f915d9faf
SHA256

d7064334a7d16ad5bc7cec3218a07541b821cf929ca65d45834c164ff920c043
SHA512

fdab86605b98ef4b55ac6ba11d06eea3eec9e35ac0158feb933e1d8bbdba6d1d81ac92f350fc766e9b4c7b27c55e2d9c8d4989e0dfe525a7a8d2b1068e286374
SSDEEP

12288:VkCuGPPxnQrGsdrcKtgjCVZHojLctS5i5Dh:VVu0PdHErht5ZH5tS5ith

Score

N/A

Malware Config

Signatures

Files

d7064334a7d16ad5bc7cec3218a07541b821cf929ca65d45834c164ff920c043
.exe windows x86

ff4d6f13e97e5a056903907309de05d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SheChangeDirA
InternalExtractIconListW
SheGetDirA
SHGetDataFromIDListW

wininet

UnlockUrlCacheEntryStream

comdlg32

GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
PageSetupDlgA

user32

PostMessageW
VkKeyScanA
SystemParametersInfoW
DestroyMenu
EnumWindows
SetMenuItemBitmaps
CopyAcceleratorTableW
RegisterDeviceNotificationW
SetScrollInfo
EnumDesktopWindows
MonitorFromPoint
IsWindowVisible
LookupIconIdFromDirectory
SetCapture
CharToOemA
DdeInitializeA
GetWindowLongA

kernel32

GetModuleFileNameA
GetCurrentThread
MultiByteToWideChar
VirtualQuery
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetUserDefaultLCID
SetUnhandledExceptionFilter
InterlockedDecrement
GetCurrentThreadId
IsDebuggerPresent
HeapSize
RtlUnwind
GetFileSize
HeapAlloc
GetDateFormatA
InterlockedCompareExchange
FreeLibrary
SetConsoleCtrlHandler
UnhandledExceptionFilter
GetStringTypeA
GetLocaleInfoA
GetTickCount
VirtualAlloc
InitializeCriticalSection
LeaveCriticalSection
SetConsoleOutputCP
CompareStringW
GetACP
GetVersionExA
GetStartupInfoA
GetTimeZoneInformation
WideCharToMultiByte
GetCommandLineA
GetFileType
TlsGetValue
IsValidCodePage
GetStringTypeW
HeapFree
TlsFree
CompareStringA
GetModuleHandleA
TlsAlloc
GetProcAddress
GetCPInfo
EnterCriticalSection
GetLastError
QueryPerformanceCounter
LCMapStringW
HeapCreate
SetHandleCount
GetLocaleInfoW
DeleteCriticalSection
TlsSetValue
ExitProcess
FreeEnvironmentStringsA
GetProcessHeap
SetLastError
GetTimeFormatA
InterlockedExchange
InterlockedIncrement
GetOEMCP
Sleep
GetEnvironmentStrings
SetEnvironmentVariableA
GetEnvironmentStringsW
GetCurrentProcess
VirtualFree
HeapDestroy
IsValidLocale
LoadLibraryA
ReadConsoleInputW
WriteFile
TerminateProcess
EnumSystemLocalesA
LCMapStringA
HeapReAlloc
GetCurrentProcessId
GetStdHandle

advapi32

CryptDeriveKey
RegEnumKeyExW
RegQueryInfoKeyA
ReportEventW
LookupSecurityDescriptorPartsA
DuplicateTokenEx
RegQueryValueExA
RegSaveKeyW
ReportEventA
CryptImportKey
CryptGetDefaultProviderW
GetUserNameA
LookupAccountSidA

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff4d6f13e97e5a056903907309de05d1

Headers

File Characteristics

Imports

shell32

wininet

comdlg32

user32

kernel32

advapi32

Sections

.text Size: 131KB - Virtual size: 130KB

.rdata Size: 9KB - Virtual size: 15KB

.data Size: 323KB - Virtual size: 323KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 131KB - Virtual size: 130KB

.rdata
Size: 9KB - Virtual size: 15KB

.data
Size: 323KB - Virtual size: 323KB

.rsrc
Size: 7KB - Virtual size: 6KB