641f8180f52b93b63d621af5eceb4c3606b76d2583bffe62b7a3fdd9d0231565

Sharing

Copy URL Twitter E-mail

General

Target

641f8180f52b93b63d621af5eceb4c3606b76d2583bffe62b7a3fdd9d0231565
Size

531KB
MD5

6f3a57840ea55ffdab293b986cffdff7
SHA1

b4526dcf3687b68dc1d6db891fd518ac65ec1627
SHA256

641f8180f52b93b63d621af5eceb4c3606b76d2583bffe62b7a3fdd9d0231565
SHA512

04d594d4a31c29c713615c878422c2144b9fac0eb4fa814817e139e128e971baed45eaa3fa044c3b538b12be1f5e05e7fa9adfb2dc8ca6f55295477bdb6e2851
SSDEEP

12288:ERcJIcvqKV/SWA/tdPPxTeb/5R0qWXzqKby++pZ3Gxujj:lJIcvqKFSWIPZTy/P07G+YZeu3

Score

N/A

Malware Config

Signatures

Files

641f8180f52b93b63d621af5eceb4c3606b76d2583bffe62b7a3fdd9d0231565
.exe windows x86

e204e92e59e12c8efc51cee9e1802076

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
CreateMappedBitmap
CreateToolbar
ImageList_ReplaceIcon
ImageList_LoadImageW
ImageList_BeginDrag
ImageList_Replace
DrawStatusText
ImageList_GetFlags
ImageList_AddMasked
CreateStatusWindowA

user32

DefWindowProcA
WINNLSEnableIME
DrawTextExW
GetWindowRgn
GetTabbedTextExtentW
GetClientRect
DdeDisconnect
OpenWindowStationA
ExcludeUpdateRgn
ShowWindow
PostMessageA
GetKeyNameTextA
FindWindowExW
IsCharAlphaNumericW
GetProcessDefaultLayout
IsRectEmpty
TabbedTextOutA
RegisterClassA
SetSysColors
RegisterClassExA
DdeReconnect

kernel32

CreateMailslotA
WaitNamedPipeW
HeapAlloc
GetCPInfo
EnterCriticalSection
GetStringTypeW
CreateNamedPipeW
GetLocaleInfoA
OpenFile
GetCompressedFileSizeA
GetCommandLineW
RtlUnwind
WideCharToMultiByte
ReadConsoleOutputW
GetVersionExA
GetTimeFormatA
GetTimeZoneInformation
GetProcAddress
MoveFileW
VirtualQuery
ReadConsoleA
LCMapStringW
GetCurrentProcess
GetEnvironmentVariableW
SetLastError
OpenFileMappingW
GetSystemInfo
FindFirstFileExW
MultiByteToWideChar
WriteFile
IsValidLocale
VirtualAlloc
GetCurrencyFormatW
GetLastError
GetTickCount
GetLocaleInfoW
GetCommandLineA
GetStringTypeA
GetUserDefaultLCID
GetStringTypeExA
GetStdHandle
GetProfileSectionW
GetModuleFileNameA
QueryPerformanceCounter
LCMapStringA
GetACP
GetModuleFileNameW
ExitProcess
TerminateProcess
OpenMutexA
LeaveCriticalSection
GetCurrentThread
GetDiskFreeSpaceExW
GetCurrentProcessId
HeapFree
VirtualFree
SetHandleCount
ReadFile
UnhandledExceptionFilter
SetEnvironmentVariableW
InterlockedExchange
GetDateFormatA
InterlockedExchangeAdd
SetEnvironmentVariableA
SetStdHandle
DeleteCriticalSection
GetModuleHandleA
FlushFileBuffers
GetOEMCP
FlushViewOfFile
GetCurrentThreadId
SetFilePointer
FreeEnvironmentStringsA
CompareStringW
GetWindowsDirectoryW
VirtualProtect
HeapCreate
IsBadWritePtr
HeapSize
TlsFree
EnumSystemLocalesA
CloseHandle
InitializeCriticalSection
TlsAlloc
FindAtomW
GetEnvironmentStrings
GetStartupInfoA
GetEnvironmentStringsW
GetFileType
CreateMutexA
GetStartupInfoW
HeapReAlloc
FreeEnvironmentStringsW
TlsGetValue
UnmapViewOfFile
TlsSetValue
LoadLibraryA
CompareStringA
GetSystemDefaultLCID
HeapDestroy
IsValidCodePage
GetSystemTimeAsFileTime

Sections

.text
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e204e92e59e12c8efc51cee9e1802076

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 197KB - Virtual size: 196KB

.rdata Size: 208KB - Virtual size: 217KB

.data Size: 110KB - Virtual size: 109KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 197KB - Virtual size: 196KB

.rdata
Size: 208KB - Virtual size: 217KB

.data
Size: 110KB - Virtual size: 109KB

.rsrc
Size: 14KB - Virtual size: 14KB