306039ea9185f3933c7f9f965586f94aee4078b1df0a920c0e7514114eef3199

General

Target

306039ea9185f3933c7f9f965586f94aee4078b1df0a920c0e7514114eef3199
Size

88KB
MD5

0279e76ca35587ee34a3b584e20fa824
SHA1

a243b2351bdd0639cfb989819a47e63571eaf063
SHA256

306039ea9185f3933c7f9f965586f94aee4078b1df0a920c0e7514114eef3199
SHA512

e7d5c087c9757e1db5e1aa79dbca0e761f4096f25cdd10da8aee95c1f1ab42f8aa18b79cf4ea2bddf9a07805bc7462b6e195257f9dd560affa01e45ecdcb273c
SSDEEP

1536:uQAZ/nXg33BmDHPAbFfPYSHD+ElZzHMtvleKDDszjIExPIW89oqSPsYoWWJ6:A/n0mDHPwnYSHD+ElZ7MtvljDDszjIEv

Score

N/A

Malware Config

Signatures

Files

306039ea9185f3933c7f9f965586f94aee4078b1df0a920c0e7514114eef3199
.exe windows x86

11937efa457cdc7049c3ede89a429b7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetCurrentProcessId
GetCurrentThreadId
lstrcmpiA
LoadLibraryA
GetProcAddress
GetVersion
CloseHandle
GetFileSize
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
DeviceIoControl
GetTickCount
FindResourceA
QueryPerformanceCounter
LoadResource
TlsAlloc
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
GetStringTypeW

user32

DispatchMessageA
EndPaint
BeginPaint
wsprintfA
GetSystemMetrics
LoadIconA
GetClientRect
LoadCursorA
LoadAcceleratorsA
GetMessageA
FindWindowA
TranslateMessage
TranslateAcceleratorA
RegisterClassExA
PostQuitMessage
MessageBoxA
CreateWindowExA
ShowWindow
UpdateWindow
LoadStringA
DestroyWindow
DefWindowProcA

gdi32

Rectangle
TextOutA
CreateBitmap

advapi32

RegSetValueExW
RegOpenKeyExA
RegCloseKey

ole32

CoInitialize
CoTaskMemAlloc

shlwapi

PathFileExistsA

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11937efa457cdc7049c3ede89a429b7a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 12KB - Virtual size: 10KB