91ec0eae5667a6dc0f3c414d59f161a61f39e15257f01930a23f46a1ed0b22f2

Sharing

Copy URL

Twitter E-mail

General

Target

91ec0eae5667a6dc0f3c414d59f161a61f39e15257f01930a23f46a1ed0b22f2
Size

294KB
MD5

2e9953436b0a50e6790b4aca52ccdcbc
SHA1

cd204cc097daa5145f500d0658949c2fc000f7f5
SHA256

91ec0eae5667a6dc0f3c414d59f161a61f39e15257f01930a23f46a1ed0b22f2
SHA512

558c6e8a1a8b729803709d42992adaed69629a0d3d5ddd0a120563c406a43b2f0633e19587383db61d72bc1395a06f966550f5b19c9dfc945ec738c27ff09101
SSDEEP

6144:cii/AdpkpF7yz3CydFEkDaAB5b43PQWOn3jEbF6pOO5N1A1KNP:CATkFa3nd+6aa1koW23QYpOq5

Score

N/A

Malware Config

Signatures

Files

91ec0eae5667a6dc0f3c414d59f161a61f39e15257f01930a23f46a1ed0b22f2
.exe windows x86

f1cc903f6f6cc42f11b529faa05c2fc0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

CloseServiceHandle
SetSecurityDescriptorDacl
QueryServiceStatus
OpenServiceA
InitializeSecurityDescriptor
DeleteService
CreateServiceA
ControlService
AdjustTokenPrivileges

ole32

WriteClassStm
RevokeDragDrop
ProgIDFromCLSID
CLSIDFromProgID
OleSetClipboard
OleSaveToStream
OleLockRunning
OleGetClipboard
GetRunningObjectTable
GetConvertStg
DoDragDrop
CoRegisterMessageFilter
CoLockObjectExternal
CoGetMalloc
CoCreateGuid
RegisterDragDrop

user32

EndDeferWindowPos
DestroyIcon
DestroyCaret
CreateCursor
CloseWindow
ShowCursor

shell32

SHGetMalloc
SHFileOperationA
SHGetFileInfoA
SHBindToParent

shlwapi

PathIsDirectoryA
PathFindExtensionA
PathQuoteSpacesA
PathAppendA
PathUnquoteSpacesA
StrChrA
StrStrIA
PathCanonicalizeA

msvcrt

strstr
strlen
sprintf
sscanf
fflush
free
rand

kernel32

lstrlenA
WriteFile
VirtualFree
SleepEx
SetLastError
SetEndOfFile
RtlUnwind
RaiseException
OpenFile
MapViewOfFile
LocalAlloc
HeapAlloc
GetVersion
GetModuleHandleA
FlushFileBuffers
lstrcmpiA

Exports

Exports

Cng
Dip
Fzl
Jyi
Nly
Pcx
Qwt
Syw

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 178KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1cc903f6f6cc42f11b529faa05c2fc0

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 28KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 32KB - Virtual size: 32KB

.idata Size: 178KB - Virtual size: 180KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 26KB - Virtual size: 28KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 32KB - Virtual size: 32KB

.idata
Size: 178KB - Virtual size: 180KB

.rsrc
Size: 24KB - Virtual size: 28KB