981049595fc779b3c2b2f44b0f8388b1996387826aa052607b83846a4853f280

Sharing

Copy URL Twitter E-mail

General

Target

981049595fc779b3c2b2f44b0f8388b1996387826aa052607b83846a4853f280
Size

10.2MB
MD5

56c38ae1a2b7306fb59de19a115c2405
SHA1

27379d1c3d343a847a10dd7bf8b831e64084206a
SHA256

981049595fc779b3c2b2f44b0f8388b1996387826aa052607b83846a4853f280
SHA512

30105307ada836a004e4f4d640e43a000b9a8b06bf7b84e8694d1f76c3ef2f8a4615a0b09eb89dfa68c63d2363efff762558f7e2cd2cf7afd2341b043664dd6a
SSDEEP

196608:7w8Rc8Y9iMz188GuPOstdjXectZHnsV0OFK1A5XkpMqEDkuif:skkvzO8HPOstEcgVy25ZB1if

Score

N/A

Malware Config

Signatures

Files

981049595fc779b3c2b2f44b0f8388b1996387826aa052607b83846a4853f280
.exe windows x86

8313feec8b3f32cfeb246ddfae5984f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SafeArrayUnaccessData

advapi32

RegCloseKey

user32

GetKeyboardLayout

kernel32

GetVersion
GetVersionExW
GetVersion
IsDBCSLeadByte
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

gdi32

CreatePenIndirect

version

GetFileVersionInfoSizeW

shfolder

SHGetFolderPathW

ole32

CLSIDFromProgID

comctl32

ImageList_Draw

msvcrt

memset

shell32

Shell_NotifyIconW

winspool.drv

DocumentPropertiesW

wsock32

WSAAsyncSelect

crypt32

CryptUnprotectData

winmm

timeEndPeriod

Exports

Exports

TMethodImplementationIntercept

Sections

.text
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 80B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 8.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 10.2MB - Virtual size: 10.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8313feec8b3f32cfeb246ddfae5984f7

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

version

shfolder

ole32

comctl32

msvcrt

shell32

winspool.drv

wsock32

crypt32

winmm

Exports

Exports

Sections

.text Size: - Virtual size: 3.3MB

.itext Size: - Virtual size: 8KB

.data Size: - Virtual size: 68KB

.bss Size: - Virtual size: 24KB

.idata Size: - Virtual size: 16KB

.didata Size: - Virtual size: 2KB

.edata Size: - Virtual size: 95B

.tls Size: - Virtual size: 80B

.rdata Size: - Virtual size: 24B

.vmp0 Size: - Virtual size: 8.4MB

.vmp1 Size: 10.2MB - Virtual size: 10.2MB

.reloc Size: 512B - Virtual size: 212B

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: - Virtual size: 3.3MB

.itext
Size: - Virtual size: 8KB

.data
Size: - Virtual size: 68KB

.bss
Size: - Virtual size: 24KB

.idata
Size: - Virtual size: 16KB

.didata
Size: - Virtual size: 2KB

.edata
Size: - Virtual size: 95B

.tls
Size: - Virtual size: 80B

.rdata
Size: - Virtual size: 24B

.vmp0
Size: - Virtual size: 8.4MB

.vmp1
Size: 10.2MB - Virtual size: 10.2MB

.reloc
Size: 512B - Virtual size: 212B

.rsrc
Size: 15KB - Virtual size: 15KB