b0b7e344c132568388386f5f615e1f3cf10ea43db81e4602af8cbe27da85ecc2

Sharing

Copy URL Twitter E-mail

General

Target

b0b7e344c132568388386f5f615e1f3cf10ea43db81e4602af8cbe27da85ecc2
Size

775KB
MD5

32d89fc7c11857782ce01f35ecc2906d
SHA1

2ac51fa9f8ef07e694feb97b0e1ac9ae6acdf5ff
SHA256

b0b7e344c132568388386f5f615e1f3cf10ea43db81e4602af8cbe27da85ecc2
SHA512

864c5def6d57f7b423e600c119f5efafbf19031010b017918e4ff6ace0031e7eba847111eb8ac09d6346f602155a7d2163f3f1b8746ffd887409a8afad8ec641
SSDEEP

24576:45fWnDkelEWFYSM0hwpFLvQhYf2RjGGsOlA:4lWnDXF60hwDv+1BsR

Score

N/A

Malware Config

Signatures

Files

b0b7e344c132568388386f5f615e1f3cf10ea43db81e4602af8cbe27da85ecc2
.exe windows x86

37e02e9e24870518eb93344d1c244ad6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shimeng

SE_IsShimDll
SE_InstallBeforeInit
SE_InstallAfterInit

msimg32

vSetDdrawflag
GradientFill
TransparentBlt
DllInitialize

cabinet

FCIFlushCabinet
Extract

kernel32

TlsGetValue
FindResourceA
GetModuleHandleA
SetEndOfFile
GetProcAddress
SetFileAttributesA
CopyFileA
MoveFileW
GetTimeFormatA
GetVolumePathNameW
GetProcessHeap
SetCurrentDirectoryA
GetConsoleTitleW
QueryDosDeviceA
GetShortPathNameA
InterlockedDecrement
GetNumberFormatA
CreateEventW
HeapValidate
InterlockedExchange
CompareStringA
GetSystemInfo
lstrcmpiA
GetEnvironmentVariableW
GetFullPathNameA
SetVolumeLabelA
lstrcmpA
FileTimeToLocalFileTime
GetDiskFreeSpaceA

user32

CharToOemA
DialogBoxParamA
GetWindowLongA
DispatchMessageA
GetWindowTextA
SetFocus
LoadImageA
GetMessageA
IsCharLowerA
LoadCursorA
IsZoomed
wsprintfA
GetCaretPos

Sections

CODE
Size: 749KB - Virtual size: 748KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 44KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37e02e9e24870518eb93344d1c244ad6

Headers

File Characteristics

Imports

shimeng

msimg32

cabinet

kernel32

user32

Sections

CODE Size: 749KB - Virtual size: 748KB

DATA Size: 3KB - Virtual size: 2KB

BSS Size: - Virtual size: 44KB

.idata Size: 5KB - Virtual size: 5KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 4KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 11KB

CODE
Size: 749KB - Virtual size: 748KB

DATA
Size: 3KB - Virtual size: 2KB

BSS
Size: - Virtual size: 44KB

.idata
Size: 5KB - Virtual size: 5KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 11KB