45359ccca042777c72d7b07d2c3115c43566a345fd13b2c7f605c39121594628

Sharing

Copy URL Twitter E-mail

General

Target

45359ccca042777c72d7b07d2c3115c43566a345fd13b2c7f605c39121594628
Size

700KB
MD5

f6d7051c8f512ad9b6d2236abd31d040
SHA1

0f1e88539eeab99be9c0e7370e13f6546815f41d
SHA256

45359ccca042777c72d7b07d2c3115c43566a345fd13b2c7f605c39121594628
SHA512

577cbbf6803eeb185cbff355bb8800208a0b63cd1a9a7b5bc72f5ea3aadfb873dd08171aeca0cd32940cdf6960a2e14778d111ab44d57e8ebf12bb01d6f60133
SSDEEP

12288:k8dc9OIsSvNe9m+QOsjIPmMlEOkUupLmWy/6gQLPl6UKfIZylQmPUxalGL9Dc5GO:vc9Xb0slMlEjpqWY6pP+/PYam9Dcl

Score

N/A

Malware Config

Signatures

Files

45359ccca042777c72d7b07d2c3115c43566a345fd13b2c7f605c39121594628
.exe windows x86

e1fa1074b420f73b2fc34892e52b4d33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA
SHBrowseForFolderA
SHGetSpecialFolderPathA
ord155

kernel32

HeapReAlloc
CloseHandle
GetModuleHandleA
IsBadWritePtr
GetStringTypeA
SetEnvironmentVariableA
LoadLibraryA
HeapFree
FlushFileBuffers
GetModuleFileNameA
SetLastError
GetEnvironmentStrings
FreeEnvironmentStringsW
GetFileType
CompareStringA
InterlockedExchange
SetFilePointer
MultiByteToWideChar
GetCurrentThread
QueryPerformanceCounter
TlsGetValue
SetConsoleCtrlHandler
GetOEMCP
VirtualFree
GetCurrentProcessId
CompareStringW
SetUnhandledExceptionFilter
InterlockedDecrement
GetCommandLineA
LCMapStringA
LCMapStringW
WriteFile
GetEnvironmentStringsW
ExitProcess
VirtualAlloc
IsBadCodePtr
DeleteCriticalSection
RtlUnwind
TerminateProcess
WideCharToMultiByte
RaiseException
GetStdHandle
GetACP
GetLocalTime
GetSystemTimeAsFileTime
GetTickCount
LeaveCriticalSection
FreeEnvironmentStringsA
UnhandledExceptionFilter
InitializeCriticalSection
FatalAppExitA
GetStartupInfoA
GetCPInfo
GetVersion
HeapAlloc
TlsAlloc
GetStringTypeW
CreateMutexA
VirtualQuery
ReadFile
TlsFree
GetProcAddress
GetCurrentThreadId
SetHandleCount
GetCurrentProcess
TlsSetValue
InterlockedIncrement
HeapCreate
HeapDestroy
EnterCriticalSection
IsBadReadPtr
GetTimeZoneInformation
GetLastError
GetSystemTime
SetStdHandle

comctl32

InitCommonControlsEx
DestroyPropertySheetPage
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Create

mpr

WNetGetUserA

gdi32

CombineRgn
CreateDIBSection
CreateCompatibleDC
Rectangle
PolyPolygon
SetTextColor
SetBkColor
GetRegionData
BitBlt
GetTextExtentExPointW
EndDoc
TextOutW
ExtCreateRegion
SetWindowOrgEx
GetPixel
Polyline
SetTextAlign
CreateCompatibleBitmap
PatBlt
EndPage
MaskBlt
StartPage
MoveToEx

advapi32

StartServiceCtrlDispatcherA
ImpersonateNamedPipeClient
GetTokenInformation
OpenProcessToken
RegOpenKeyExA
RegisterServiceCtrlHandlerA
OpenThreadToken
RevertToSelf
RegQueryValueExA

ole32

GetRunningObjectTable
OleCreateFromData
OleInitialize
ReadClassStg
CreateILockBytesOnHGlobal
SetConvertStg
StringFromGUID2
CoTaskMemFree
OleUninitialize
StgOpenStorage
ReleaseStgMedium
StringFromCLSID
CoCreateInstance
ReadFmtUserTypeStg
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
OleFlushClipboard
CoRevokeClassObject
DoDragDrop
OleSetContainedObject
CoRegisterMessageFilter
RegisterDragDrop
CoLockObjectExternal
CoGetClassObject
CLSIDFromProgID
OleGetClipboard
CoInitialize
OleRun
CreateOleAdviseHolder
CLSIDFromString
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
CoRegisterClassObject
CreateBindCtx
OleDuplicateData
CreateStreamOnHGlobal
OleLockRunning
CoTreatAsClass
StgIsStorageFile
GetHGlobalFromILockBytes
CreateItemMoniker
WriteFmtUserTypeStg
WriteClassStg
OleCreateStaticFromData
CoUninitialize

oleaut32

LoadTypeLi

user32

RemoveMenu
MapVirtualKeyA
RegisterWindowMessageA
SetTimer
RegisterClassA
GetWindowTextA
MessageBeep
MoveWindow
GetWindowPlacement
RegisterClassExA

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1fa1074b420f73b2fc34892e52b4d33

Headers

File Characteristics

Imports

shell32

kernel32

comctl32

mpr

gdi32

advapi32

ole32

oleaut32

user32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 452KB - Virtual size: 450KB

.data Size: 96KB - Virtual size: 94KB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 452KB - Virtual size: 450KB

.data
Size: 96KB - Virtual size: 94KB

.rsrc
Size: 72KB - Virtual size: 68KB