8f836d7203bd46b1942b121c2776d9bf956a31f958098efe05c98b490b621c96

Sharing

Copy URL Twitter E-mail

General

Target

8f836d7203bd46b1942b121c2776d9bf956a31f958098efe05c98b490b621c96
Size

100KB
MD5

9a0789025217debb47a08a3e4652cbf1
SHA1

9acac144a60b4df3af197ecc74c3cc016d08560b
SHA256

8f836d7203bd46b1942b121c2776d9bf956a31f958098efe05c98b490b621c96
SHA512

8ab3ee12e59abe1a356425a580757a698daa4aaa1a56c8870f4151f117142f7ed03aa7bbb5f559e8730b8f3f2449a84d6d1d15523071563c2562d3a4c0d9e0e1
SSDEEP

3072:l1E7d4V74+LHEbb8urJoSacG5EGAFyKvtotQ:fid4V7bwUECS85gtuS

Score

N/A

Malware Config

Signatures

Files

8f836d7203bd46b1942b121c2776d9bf956a31f958098efe05c98b490b621c96
.exe windows x86

d7b0b65a84d9ca60ba8eece34a843114

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW

advapi32

RegCreateKeyExW
RegEnumValueW
RegQueryValueExA
EqualSid
RegCreateKeyW
InitializeAcl

kernel32

ProcessIdToSessionId
GetShortPathNameW
GetConsoleMode
RtlUnwind
GetCurrentDirectoryW
HeapSize
GetTimeFormatA
GetCurrentProcessId
GetCPInfo
ReadFile
GetStartupInfoW
HeapDestroy
GetProcessHeap
GetTempFileNameA
GetModuleFileNameA
HeapCreate
VirtualAlloc
IsBadReadPtr
lstrcpynW
GlobalAlloc
CompareStringW
GetFileTime
HeapFree
ExitProcess
LoadResource
lstrlenA
CreateMutexW
SearchPathW
CopyFileA
GetLastError

comctl32

ImageList_Draw

gdi32

GetViewportOrgEx
PolylineTo
CreateDIBSection
CreateFontIndirectW
GetEnhMetaFileBits
Pie
CopyMetaFileW
SelectClipRgn
ExtTextOutA
CreatePen
PtVisible
GetObjectW
Arc
GetCurrentObject
GetBkMode
SetStretchBltMode
CloseMetaFile
GetPaletteEntries
Polyline
OffsetViewportOrgEx
GetTextColor
ExtFloodFill
GetEnhMetaFileHeader
SetPixelV
SetMapMode
ExcludeClipRect
TextOutA
Escape
DeleteMetaFile
CreateBrushIndirect
StretchDIBits
ScaleWindowExtEx
GetRgnBox
CreatePalette
GetTextExtentPoint32W
GetWinMetaFileBits
LineTo
GetTextCharsetInfo
SetPixel
SetWindowOrgEx
SelectPalette

msvcrt

strncat
fputs
fflush
wcscat
_itow
_ltow
strerror
_unlock
fwrite
_lock
__setusermatherr
_wfsopen
_close
strcmp
iswctype

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 35KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7b0b65a84d9ca60ba8eece34a843114

Headers

File Characteristics

Imports

version

advapi32

kernel32

comctl32

gdi32

msvcrt

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 35KB - Virtual size: 80KB

.idata Size: 10KB - Virtual size: 29KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 35KB - Virtual size: 80KB

.idata
Size: 10KB - Virtual size: 29KB

.rsrc
Size: 20KB - Virtual size: 19KB