9387ec971e77f1d802fc60980738ecf656c58cbb986f1bed2525828b04eff0c3

General

Target

9387ec971e77f1d802fc60980738ecf656c58cbb986f1bed2525828b04eff0c3
Size

166KB
MD5

c1cdb419f05e69d90c10131896337cd6
SHA1

95eecc58766968dfa4f9a4786837ea19a3aa99be
SHA256

9387ec971e77f1d802fc60980738ecf656c58cbb986f1bed2525828b04eff0c3
SHA512

21fdacbd7b6102f5114541179433f4a755f6e99dc39e8a35224f5ef887533b8c5a73b832881535ed452e40bf8bdae8e2c71a0ea5c7a1226a37ddcde5bf93ea27
SSDEEP

3072:fYynmP47+9WXyb2R7eO9Y1n9Oc9s/i5a4WgDRVYTV5bBc+dMOb9q:hk0iesnkce/i+gDITV5bPdRb9q

Score

N/A

Malware Config

Signatures

Files

9387ec971e77f1d802fc60980738ecf656c58cbb986f1bed2525828b04eff0c3
.exe windows x86

dfb9eb056bd7d055e4d2d271d5ee2dc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

ole32

CLSIDFromString
CoCreateInstance
CoTaskMemFree
StgCreateDocfile

kernel32

CloseHandle
GetCurrentProcessId
AddAtomA
IsBadCodePtr
GetStringTypeW
GetSystemTimeAsFileTime
GetStringTypeA
FlushFileBuffers
InterlockedDecrement
GetLastError
InterlockedIncrement
HeapAlloc
LCMapStringW
GetModuleHandleA
LoadLibraryExA
GetCurrentProcess
EnumResourceNamesA
IsDBCSLeadByteEx
SetStdHandle
RaiseException
LCMapStringA
IsBadReadPtr
LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
DeleteCriticalSection
SetFilePointer
FlushInstructionCache
InitializeCriticalSection
SizeofResource

comdlg32

ChooseFontA
GetOpenFileNameA

gdi32

CreateFontIndirectA

advapi32

RegSetValueExA
RegEnumValueA
RegCreateKeyA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

shell32

Shell_NotifyIconA

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfb9eb056bd7d055e4d2d271d5ee2dc3

Headers

File Characteristics

Imports

shlwapi

setupapi

ole32

kernel32

comdlg32

gdi32

advapi32

shell32

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 76KB

.reloc Size: 1024B - Virtual size: 124KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 76KB

.reloc
Size: 1024B - Virtual size: 124KB