f7162dbd4b269b917ae605650faae570f2bae4c8b5aa19321682c48f79f8beef

General

Target

f7162dbd4b269b917ae605650faae570f2bae4c8b5aa19321682c48f79f8beef
Size

566KB
MD5

c639bed628c55c9e21a6353d4458fc70
SHA1

5fc4a2802e68e0de495b8a3ed7879b3c7c5295c1
SHA256

f7162dbd4b269b917ae605650faae570f2bae4c8b5aa19321682c48f79f8beef
SHA512

464fb2fe3843b0d13fd1916ed7823c696cb69d23d02115588e2cb68e00bc1181d1ca41078a9c653460681210e4890f3e9e05edd8562009017f90b7cf9bcd1067
SSDEEP

12288:h+Jt1P9c626nsUQHqBfIzbPRljC70Fm/ktYnXOEW:h+Jt1P95lsUNBfIzjTmoFntAe

Score

N/A

Malware Config

Signatures

Files

f7162dbd4b269b917ae605650faae570f2bae4c8b5aa19321682c48f79f8beef
.exe windows x86

119c6223f5a246c10eaf8a2e06d9b9fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateToolbarEx
ord6
InitCommonControlsEx
FlatSB_SetScrollRange
FlatSB_GetScrollPos
ord5
PropertySheetA

kernel32

GetModuleHandleA
GetProcAddress
VirtualAllocEx
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RaiseException
InterlockedDecrement
InterlockedIncrement

uxtheme

GetThemeMargins
GetThemeFilename
DrawThemeEdge
GetThemeEnumValue
GetThemeBool

aclui

ord2
ord1

ntdsapi

DsListDomainsInSiteW

Sections

.text
Size: 526KB - Virtual size: 526KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

119c6223f5a246c10eaf8a2e06d9b9fd

Headers

File Characteristics

Imports

comctl32

kernel32

uxtheme

aclui

ntdsapi

Sections

.text Size: 526KB - Virtual size: 526KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 310KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 526KB - Virtual size: 526KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 310KB

.rsrc
Size: 29KB - Virtual size: 29KB