942bde459ab10d2cd58f158d29a5430377a4f156cd2cc1f9d3d4e5f13ca455b6

Sharing

Copy URL

Twitter E-mail

General

Target

942bde459ab10d2cd58f158d29a5430377a4f156cd2cc1f9d3d4e5f13ca455b6
Size

21KB
MD5

2841b63bb1491c81b58b1930d01e1eca
SHA1

f097024bbd91232c29d437e067235bde8567e6e0
SHA256

942bde459ab10d2cd58f158d29a5430377a4f156cd2cc1f9d3d4e5f13ca455b6
SHA512

b1f0298a9e9dc6b2943330209cb63689aa99312bdadba52a0ad73ab06d359dfee60b1b4322be98d28257bd5ceb719f7a1e5c3e638a3604841e00e37dee0fe805
SSDEEP

384:ufXvSWzP9+K2cxQkRUCKXLWI1ySfxBPY8d8CNwliTXliT0++0imh3FrkDqQG1PIO:PlKtQcTKbWIlxBPYA8CNU+0/FrGqQaPB

Score

N/A

Malware Config

Signatures

Files

942bde459ab10d2cd58f158d29a5430377a4f156cd2cc1f9d3d4e5f13ca455b6
.exe windows x86

e034d6304c284adac742a9169765c67e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

shell32

ExtractIconW
Shell_NotifyIconW
ShellExecuteW
SHGetFileInfoW

comdlg32

GetFileTitleW

user32

GetLastActivePopup
GetTopWindow
GetMessageTime
SetDlgItemInt
SetActiveWindow
ScrollWindowEx
IsDialogMessageW
CharUpperW
DefWindowProcW
CreateWindowExW
SetTimer
GetMenuItemID
SystemParametersInfoA
GetMenuItemInfoW
GetClassLongW

shlwapi

PathRemoveExtensionW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW

kernel32

GetStringTypeExW
GetShortPathNameW
LeaveCriticalSection
GetFileAttributesW
LockFile
DuplicateHandle
WriteFile
HeapFree
FlushFileBuffers
GetThreadLocale
SetEndOfFile
SetLastError
ReadFile
GetUserDefaultLCID
lstrlenA
LoadLibraryA
DeleteFileW
LockResource
GetSystemInfo
CopyFileW
HeapAlloc
MulDiv
SetFilePointer
HeapReAlloc
SizeofResource
TlsGetValue
GetFullPathNameW
EnterCriticalSection
Sleep
FindNextFileW
GlobalLock
MoveFileW
GlobalAlloc
GlobalFree
LoadResource
LocalAlloc
GlobalUnlock
CloseHandle
UnlockFile
GetVersionExW
GetFileAttributesA
GetLastError
FindResourceW
GetProcessHeap
ResetEvent
lstrcpyA
GlobalReAlloc
GetCurrentProcessId
CreateProcessW
CreateEventW
FindClose
FormatMessageW
GlobalSize
VirtualAlloc
GetFileSize
WideCharToMultiByte
FindFirstFileW
lstrcmpiW
GetCurrentProcess
GetVolumeInformationW
WaitForSingleObject
lstrlenW
GetModuleFileNameW

advapi32

RegOpenKeyW
RegQueryValueExA
RegOpenKeyA
RegDeleteKeyW
RegNotifyChangeKeyValue
RegCreateKeyA
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCreateKeyW
RegSetValueExW
RegOpenKeyExA
RegCloseKey
RegDeleteValueW
RegEnumValueW
RegSetValueW
RegEnumKeyW
RegSetValueExA
RegDeleteKeyA
RegQueryValueW

ws2_32

WSAGetLastError

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ShowHideMenuCtl

Sections

.data
Size: 13KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 474B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e034d6304c284adac742a9169765c67e

Headers

File Characteristics

Imports

oleacc

shell32

comdlg32

user32

shlwapi

kernel32

advapi32

ws2_32

version

comctl32

Sections

.data Size: 13KB - Virtual size: 72KB

.reloc Size: 512B - Virtual size: 20B

.text Size: 512B - Virtual size: 474B

.rsrc Size: 2KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 3KB

.data
Size: 13KB - Virtual size: 72KB

.reloc
Size: 512B - Virtual size: 20B

.text
Size: 512B - Virtual size: 474B

.rsrc
Size: 2KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 3KB