38ead85fb12f26b5e8458301003ab822207e09d1bd39ae526ea8186b9986d20a

Sharing

Copy URL Twitter E-mail

General

Target

38ead85fb12f26b5e8458301003ab822207e09d1bd39ae526ea8186b9986d20a
Size

25KB
MD5

2c6dee6bcbe3498b976ce1366f222a0e
SHA1

2ff000cc27e44ad2f00ee2449fa2b4cb551e109c
SHA256

38ead85fb12f26b5e8458301003ab822207e09d1bd39ae526ea8186b9986d20a
SHA512

7494db5943cc1450099f0bc6ca68bb56b8b024862215d2c791799239fa6d25beb22345da67661905e79df65f41e94485a5d587fa9ea76f114bb9e2e988665703
SSDEEP

384:uZ4ILw3hWgcijFWWDTJRJph4aBTb3OYe4T0Q1jcxalqCOkIlCHG9aDkKaDkk99DQ:mNQYgceMSgk48jBcX3CsawKawE9wd

Score

N/A

Malware Config

Signatures

Files

38ead85fb12f26b5e8458301003ab822207e09d1bd39ae526ea8186b9986d20a
.exe windows x86

781011031cc2d50601c92cbbde13cfb6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHIsLowMemoryMachine
ord16
SHRegCloseUSKey
PathQuoteSpacesW
PathFindFileNameW
SHSetThreadRef
StrChrIW
StrCpyNW
PathRemoveFileSpecW
PathAppendW

imm32

ImmGetConversionListA
ImmGetIMCCLockCount

gdi32

SetTextColor
SetBkMode
SelectPalette
SelectObject
Polyline
GetObjectW
GetDeviceCaps
GetCurrentPositionEx
DeleteObject
CreatePen

kernel32

LoadLibraryW
LocalFree
QueryPerformanceCounter
SetEvent
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
UnmapViewOfFile
lstrcpynW
GetModuleHandleW
CloseHandle
CreateFileMappingW
CreateFileW
CreateProcessW
CreateThread
DeleteCriticalSection
EnterCriticalSection
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
LoadLibraryExA
GetProcAddress
GetStartupInfoA
GetTempFileNameW
GetTickCount
GetWindowsDirectoryW
GlobalFree
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection

shell32

RealShellExecuteExW
DuplicateIcon
DragAcceptFiles
CommandLineToArgvW
SHUpdateRecycleBinIcon

user32

PeekMessageA
CountClipboardFormats

dbghelp

DbgHelpCreateUserDump
MiniDumpReadDumpStream
MiniDumpWriteDump
SymEnumerateModules64
SymGetLineFromAddr64
SymGetOptions
vc7fpo

Sections

.text
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

781011031cc2d50601c92cbbde13cfb6

Headers

File Characteristics

Imports

shlwapi

imm32

gdi32

kernel32

shell32

user32

dbghelp

Sections

.text Size: 15KB - Virtual size: 16KB

.rdata Size: 5KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 16KB

.rdata
Size: 5KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 3KB