f7a4da2ad0ac9dd26aef99aa12a7b35e1147871e7dd247dd95db578980984b38

Sharing

Copy URL Twitter E-mail

General

Target

f7a4da2ad0ac9dd26aef99aa12a7b35e1147871e7dd247dd95db578980984b38
Size

553KB
MD5

7b885f9e83a6b566fa6830d0a74b9e52
SHA1

0690cfa787c9699b594ed6e40355b2362ebfc4e7
SHA256

f7a4da2ad0ac9dd26aef99aa12a7b35e1147871e7dd247dd95db578980984b38
SHA512

9a8d8d52366459fa270dddde6df82c8f9bb9a695da679f48212b1047f4dc2243d6b4ba0dbdf25d753768de1dc6b0c46cdd11d7625cc890b5fa0d62dd9013213d
SSDEEP

12288:04x4Qz+kGISdQtcQBP/orm1t+N0AzD4SR:04x4QzKIAn4normGN0AJR

Score

N/A

Malware Config

Signatures

Files

f7a4da2ad0ac9dd26aef99aa12a7b35e1147871e7dd247dd95db578980984b38
.exe windows x86

27651c8ab2cb24f34870f86687420910

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetLocaleInfoA
GetVersionExA
GetUserDefaultLangID
LoadLibraryW
GetCurrentThreadId
EnterCriticalSection
GetThreadLocale
RaiseException
Sleep
LocalAlloc
GetFileAttributesW
GetDateFormatW
GetTimeFormatW
lstrcpynW
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
LocalFree
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
LeaveCriticalSection
InterlockedExchange
DeleteCriticalSection
InterlockedDecrement
lstrcmpiW
InterlockedIncrement
lstrlenW
lstrcpyW
OutputDebugStringA
InitializeCriticalSection
SetThreadLocale
GetProcessHeap
HeapAlloc
GetLocaleInfoW
GetVersionExW
GetLastError

user32

GetWindowLongW
SetWindowLongW
wsprintfW
GetWindowTextW
GetActiveWindow
CharNextW
GetParent
GetDlgItem
UnregisterClassA
MapWindowPoints
SendMessageW
GetWindowRect
MessageBoxW
LoadStringW
SetDlgItemTextW
GetDlgItemTextW
SetWindowPos

gdi32

CreateDIBSection
GdiFlush

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW

shell32

DragQueryFileW

ole32

CoTaskMemRealloc
CoTaskMemFree
ReleaseStgMedium
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance

ntdll

memset
isdigit
memcpy

msvcrt

free
malloc

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage

shlwapi

PathRenameExtensionW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 436KB - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27651c8ab2cb24f34870f86687420910

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ntdll

msvcrt

comctl32

shlwapi

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 436KB - Virtual size: 756KB

.rsrc Size: 102KB - Virtual size: 101KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 436KB - Virtual size: 756KB

.rsrc
Size: 102KB - Virtual size: 101KB