f8de04e3c2603963a48b231a4754b50500b09bcbe278052ca724b50fd3fc3ac4

Sharing

Copy URL Twitter E-mail

General

Target

f8de04e3c2603963a48b231a4754b50500b09bcbe278052ca724b50fd3fc3ac4
Size

98KB
MD5

60dcf8a6f69ce46e6c3571a61f7a0c68
SHA1

7e68832f0afca1993ab8336ad56b18480bf93d27
SHA256

f8de04e3c2603963a48b231a4754b50500b09bcbe278052ca724b50fd3fc3ac4
SHA512

587dd7a3b649668c9096770f71a7f034e7973ba9841ff086322d1bb88ffe9639981f7e07ab400516ab4e22f3fccd31d305a6ce621d05aa9630538481024057dc
SSDEEP

1536:VJgbvjLRZ2Hi1LJOnOEHoKssQFxEUg5hv4rk0lt8auFcJ2xqTAFMBYVTttH:YbrLRZSCLIny3Fx5gDv4witr7LaJttH

Score

N/A

Malware Config

Signatures

Files

f8de04e3c2603963a48b231a4754b50500b09bcbe278052ca724b50fd3fc3ac4
.exe windows x86

c95c07441f5a7054b9c8c0e0da2c0d88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WritePrivateProfileStringA
DeleteFileA
GetModuleHandleA
GetFileTime
IsDebuggerPresent
lstrcmpiW
GetEnvironmentStrings
IsBadWritePtr
GetModuleFileNameA
GetTempPathA
GetStartupInfoA
lstrcmpiA
VirtualProtect

user32

UnhookWindowsHookEx
BeginPaint
GetMenu
GetParent
SetRect
GetSysColor
DeleteMenu
IntersectRect
SetCursor
SetScrollRange
RegisterClassA

msvcrt

sqrt
__getmainargs
__p__commode
__set_app_type
setlocale
atol
_acmdln
fputc
_adjust_fdiv
_wcsicmp
_stat
_pipe
_putenv
_except_handler3
__setusermatherr
_XcptFilter
exit
__badioinfo
_initterm
__p__fmode
log

advapi32

OpenProcessToken
OpenSCManagerA
RegEnumKeyExA
RegEnumValueW
RegQueryInfoKeyA
CryptHashData
CryptAcquireContextA
RevertToSelf
InitializeAcl
CryptCreateHash
RegDeleteKeyW
RegEnumKeyA
FreeSid
AddAccessAllowedAce
RegEnumKeyExW

shell32

SHGetPathFromIDListA
ExtractIconA
ExtractAssociatedIconW
CommandLineToArgvW
SHFileOperationA
SHGetDesktopFolder
SHChangeNotify
SHBindToParent
SHAppBarMessage
SHGetSpecialFolderLocation

ole32

CLSIDFromProgID
StringFromGUID2
CoRegisterMessageFilter
StringFromCLSID
CoCreateInstance
StgOpenStorage
CoInitializeEx
OleFlushClipboard

comctl32

ImageList_SetOverlayImage
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_GetImageCount
CreatePropertySheetPageW
ImageList_Create

oleaut32

CreateErrorInfo
SysFreeString
SafeArrayPtrOfIndex
GetActiveObject
SysStringLen
VariantInit

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c95c07441f5a7054b9c8c0e0da2c0d88

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

shell32

ole32

comctl32

oleaut32

Sections

.text Size: 67KB - Virtual size: 67KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 67KB - Virtual size: 67KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB