af9670e24651fc60ce71c30ce7d126af04de44282f1ad4aad69a82c380833e9e

Sharing

Copy URL Twitter E-mail

General

Target

af9670e24651fc60ce71c30ce7d126af04de44282f1ad4aad69a82c380833e9e
Size

120KB
MD5

339a257260ce5d2c1a1dbf48381d98fd
SHA1

90beb9c0c8ae3383ebf6b148f96acfb943254103
SHA256

af9670e24651fc60ce71c30ce7d126af04de44282f1ad4aad69a82c380833e9e
SHA512

98871fc54f7d97bdf80cc5bd32510a5deaef17f7d9dc79c6c93249ee90ff2b83c911a157d791d03e1f300c68a2d388d60acc5435f4989d040f652e6bc35e5822
SSDEEP

3072:Ljhl0tCt23a4w2jMAPusqmrQJCHGcUBdw0/+PMUyDLQtzeq:PY7jMtmUJBcCvGPDmL/

Score

N/A

Malware Config

Signatures

Files

af9670e24651fc60ce71c30ce7d126af04de44282f1ad4aad69a82c380833e9e
.exe windows x86

99c6b1f653a35530feae4c1c29065a9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetUserDefaultLCID
LocalFree
GetFileType
VirtualProtect
VirtualAlloc
GetLocaleInfoW
GetConsoleMode
GetCommandLineA
GetModuleHandleA
EnumCalendarInfoA
GetTempPathW
GetStringTypeExA
GetTimeZoneInformation
GetStartupInfoA
GetCurrentDirectoryA

msvcrt

_onexit
fgetpos
__p__fmode
_except_handler3
longjmp
_getcwd
__set_app_type
fread
_acmdln
_adjust_fdiv
malloc
exit
_XcptFilter
__setusermatherr
log
__p__commode
isspace
__getmainargs
_initterm

user32

IsRectEmpty
GetMenu
KillTimer
ClientToScreen
DrawTextA
UpdateWindow
OpenClipboard
GetWindowRect
RemoveMenu
SetActiveWindow

shell32

ShellExecuteA
SHGetFileInfo
SHGetSpecialFolderPathA
SHFileOperationA
SHGetDiskFreeSpaceExW
ShellExecuteExW
SHCreateDirectoryExA
SHBindToParent
ShellExecuteEx
SHBrowseForFolderW

gdi32

DeleteMetaFile
SetWorldTransform
CreateBrushIndirect
MaskBlt
IntersectClipRect
CreatePen

comctl32

ImageList_DrawEx
ImageList_Write
ImageList_GetIcon
ImageList_EndDrag
ImageList_SetDragCursorImage
DestroyPropertySheetPage
ImageList_SetBkColor
ImageList_BeginDrag
ImageList_AddMasked
ImageList_Add
ImageList_SetIconSize

ole32

CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
RevokeDragDrop
IsAccelerator
CoTaskMemAlloc
CoSetProxyBlanket
OleSetClipboard
StgCreateDocfileOnILockBytes
CoCreateGuid
OleUninitialize

advapi32

GetSecurityDescriptorDacl
RegEnumValueA
LookupPrivilegeValueA
CryptDestroyHash
InitializeAcl
ControlService
AddAccessAllowedAce
RegSetValueExW
CryptCreateHash

version

VerQueryValueW
VerLanguageNameA
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerInstallFileA
VerInstallFileW

oleaut32

SysFreeString
SafeArrayPtrOfIndex
SysReAllocStringLen
SysAllocStringByteLen
SafeArrayPutElement
SetErrorInfo

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99c6b1f653a35530feae4c1c29065a9d

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

gdi32

comctl32

ole32

advapi32

version

oleaut32

Sections

.text Size: 55KB - Virtual size: 54KB

.data Size: 43KB - Virtual size: 42KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 55KB - Virtual size: 54KB

.data
Size: 43KB - Virtual size: 42KB

.rsrc
Size: 21KB - Virtual size: 20KB