9b0df22e356535f1210818d33e57d8fa1ba350d40d7f5be5b7f1baba0fa304b8

Sharing

Copy URL Twitter E-mail

General

Target

9b0df22e356535f1210818d33e57d8fa1ba350d40d7f5be5b7f1baba0fa304b8
Size

89KB
MD5

5a09dacacb9ca05e04e976f5c931f3a2
SHA1

3bcd044f09830bb39793ad50c8ed73929005c1f8
SHA256

9b0df22e356535f1210818d33e57d8fa1ba350d40d7f5be5b7f1baba0fa304b8
SHA512

cae2e00d51f18b42869d2e9f8c04a0327a1e29a69eba4f98794aed20ebeb59b4458413c33fe3d458566b858f4d4ca0faae2b0789ab70f7bb573aae0ba12a3472
SSDEEP

1536:kBvFsAwfyyDO+WsEJ0m68WL26WM7XalJi9h1ooiMkJKgQsrXqi/uO:kBVPuO+Wcm6882PM7Xj9hGhDNQsrXdX

Score

N/A

Malware Config

Signatures

Files

9b0df22e356535f1210818d33e57d8fa1ba350d40d7f5be5b7f1baba0fa304b8
.exe windows x86

ddecaffa931b158ce3bb9d2cb92b6437

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
_acmdln
_errno
__p__fmode
_adjust_fdiv
_setmode
strchr
fread
_cexit
_exit
_except_handler3
__p__commode
exit
__getmainargs
memcpy
calloc
fopen
_initterm
__set_app_type
sqrt
free

kernel32

ReadFile
GetStartupInfoA
GetCPInfo
GlobalUnlock
GetExitCodeProcess
GetTickCount
WriteFile
FlushFileBuffers
GetLocaleInfoA
GetDriveTypeA
CompareStringW
WideCharToMultiByte
OpenProcess
GetModuleHandleW
SetFileAttributesW
GetUserDefaultLangID
IsBadWritePtr
SetErrorMode
GetEnvironmentVariableA
GetCurrentDirectoryA
FreeLibrary
GlobalHandle

comctl32

ImageList_ReplaceIcon
ImageList_Read
ImageList_SetOverlayImage
ImageList_SetBkColor
PropertySheetW
ImageList_Remove
ImageList_Write
CreatePropertySheetPageA
ImageList_SetImageCount
ImageList_BeginDrag

oleaut32

VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringLen
SafeArrayCreate
SysFreeString
VariantCopy

ole32

CoCreateGuid
StgOpenStorageOnILockBytes
IIDFromString
OleInitialize
CoFreeUnusedLibraries
CoTaskMemRealloc
RegisterDragDrop
ProgIDFromCLSID
CoRevokeClassObject
StringFromGUID2
CreateBindCtx

gdi32

StretchBlt
EnumFontsA
GetViewportOrgEx
DeleteEnhMetaFile
PatBlt
EnumFontFamiliesExW
SetDIBits
SetGraphicsMode
GetTextMetricsA
CreateFontW
ExtEscape

user32

GetScrollPos
GetMessagePos
WaitMessage
ShowOwnedPopups
SetClipboardData
GetFocus
DestroyMenu
IsRectEmpty

advapi32

OpenSCManagerA
GetLengthSid
RegDeleteKeyA
RegSetValueExA
AddAccessAllowedAce
RegFlushKey
AdjustTokenPrivileges

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddecaffa931b158ce3bb9d2cb92b6437

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

oleaut32

ole32

gdi32

user32

advapi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 62KB - Virtual size: 61KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 62KB - Virtual size: 61KB

.rsrc
Size: 3KB - Virtual size: 2KB