856838887f5f7055759c703fc8c7595c0d0efcf2b28280563509fed8b89ad2bb

Sharing

Copy URL Twitter E-mail

General

Target

856838887f5f7055759c703fc8c7595c0d0efcf2b28280563509fed8b89ad2bb
Size

344KB
MD5

51de4efd04786417530a3943176ce2a3
SHA1

1aac47758ee66b7eb06df595d4ba1210b63a675f
SHA256

856838887f5f7055759c703fc8c7595c0d0efcf2b28280563509fed8b89ad2bb
SHA512

9ff58545637e1780a9ed48afb72ce1cd9e05f127c276ef7c8eaf3c354b04482316db4659bab1cc6497017ff4c9d45406480ab90c0dad5c9cc53a72e6a85aa4df
SSDEEP

6144:+B2wvpl6xyl67uDIW5WDOSN63rLhoIY25PBrtu8e2x7PqloBOWFIth5wnnsHo5:+MSpl6ggycfCrVoH29BrzH7bTWh5Jo5

Score

N/A

Malware Config

Signatures

Files

856838887f5f7055759c703fc8c7595c0d0efcf2b28280563509fed8b89ad2bb
.exe windows x86

2cd1c3bbc6577726814cb590e26d316f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ChildWindowFromPointEx
EndDialog
SetDlgItemInt
GetSysColor
DestroyWindow
CreateWindowExA
MessageBoxExA
IsWindowUnicode
TileWindows
CascadeWindows
GetWindowTextA

oledlg

ord9
ord5
ord2
ord7
ord12
ord4
ord10
ord6
ord3
ord1
ord11
ord8

gdi32

GetAspectRatioFilterEx
DeleteDC
GetBkMode
CombineTransform
GetBrushOrgEx
EndDoc
CopyEnhMetaFileW
DeleteEnhMetaFile
CreateCompatibleBitmap
GdiComment

advapi32

RegQueryValueExA
ReadEventLogA
RegConnectRegistryA
RegOpenKeyExA
ClearEventLogA
OpenBackupEventLogA
OpenThreadToken
SetTokenInformation
RegSetValueA
OpenEventLogA
RegQueryInfoKeyA

kernel32

GetProfileIntA
GetModuleHandleA
GetProcAddress
VirtualAlloc
ResetEvent
DeleteCriticalSection
OpenMutexA
GlobalMemoryStatus
LocalReAlloc
IsBadWritePtr
HeapWalk
GetUserDefaultLangID
LeaveCriticalSection
VirtualUnlock
GlobalFree
EnterCriticalSection
GetStartupInfoA

winmm

PlaySoundA

netapi32

NetErrorLogClear
NetConnectionEnum
Netbios
NetAuditClear
NetConfigGet
NetGetDCName
NetConfigSet
NetErrorLogRead
NetGetJoinInformation
NetFileClose
NetGetAnyDCName
NetGroupAddUser
NetAuditWrite

aclui

ord2
ord1

activeds

ord17
ord16
ord15
ord7
ord23
ord13
ord12
ord21
ord5
ord4
ord14
ord9
ord3

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_exit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_XcptFilter

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cd1c3bbc6577726814cb590e26d316f

Headers

File Characteristics

Imports

user32

oledlg

gdi32

advapi32

kernel32

winmm

netapi32

aclui

activeds

msvcrt

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 327KB - Virtual size: 326KB

.data Size: 512B - Virtual size: 120KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 327KB - Virtual size: 326KB

.data
Size: 512B - Virtual size: 120KB

.rsrc
Size: 6KB - Virtual size: 5KB