95e081bb8d8df2a89b130ab8a1f4d838557ca11507efdf424b20aba01a79a9b4

Sharing

Copy URL Twitter E-mail

General

Target

95e081bb8d8df2a89b130ab8a1f4d838557ca11507efdf424b20aba01a79a9b4
Size

553KB
MD5

c6a459548cad04d61cf1750f6be4d24d
SHA1

c6185b491dd2b85ffc15544a276faddae9a68ad2
SHA256

95e081bb8d8df2a89b130ab8a1f4d838557ca11507efdf424b20aba01a79a9b4
SHA512

fd775dbfa75de70b312d2ba5d3da01d02de3597ea37e1ea00a7c9305c30b0447bffd05b0dd01f574c85d070fe3ad4329d82018f4179892319d10955063b2cce1
SSDEEP

6144:zAQ3CCGbixm1RCauEypKGNTDP9klT6VPdLwI72LtcgXC:zb366m1yEypKQTUsPt26gS

Score

N/A

Malware Config

Signatures

Files

95e081bb8d8df2a89b130ab8a1f4d838557ca11507efdf424b20aba01a79a9b4
.exe windows x86

27651c8ab2cb24f34870f86687420910

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetLocaleInfoA
GetVersionExA
GetUserDefaultLangID
LoadLibraryW
GetCurrentThreadId
EnterCriticalSection
GetThreadLocale
RaiseException
Sleep
LocalAlloc
GetFileAttributesW
GetDateFormatW
GetTimeFormatW
lstrcpynW
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
LocalFree
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
LeaveCriticalSection
InterlockedExchange
DeleteCriticalSection
InterlockedDecrement
lstrcmpiW
InterlockedIncrement
lstrlenW
lstrcpyW
OutputDebugStringA
InitializeCriticalSection
SetThreadLocale
GetProcessHeap
HeapAlloc
GetLocaleInfoW
GetVersionExW
GetLastError

user32

GetWindowLongW
SetWindowLongW
wsprintfW
GetWindowTextW
GetActiveWindow
CharNextW
GetParent
GetDlgItem
UnregisterClassA
MapWindowPoints
SendMessageW
GetWindowRect
MessageBoxW
LoadStringW
SetDlgItemTextW
GetDlgItemTextW
SetWindowPos

gdi32

CreateDIBSection
GdiFlush

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW

shell32

DragQueryFileW

ole32

CoTaskMemRealloc
CoTaskMemFree
ReleaseStgMedium
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance

ntdll

memset
isdigit
memcpy

msvcrt

free
malloc

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage

shlwapi

PathRenameExtensionW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 436KB - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27651c8ab2cb24f34870f86687420910

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ntdll

msvcrt

comctl32

shlwapi

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 436KB - Virtual size: 756KB

.rsrc Size: 102KB - Virtual size: 101KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 436KB - Virtual size: 756KB

.rsrc
Size: 102KB - Virtual size: 101KB