87d65493523bf5374d3d2132613ec36cc3da64269dd288dbfdd2c320b0a9b609

General

Target

87d65493523bf5374d3d2132613ec36cc3da64269dd288dbfdd2c320b0a9b609
Size

171KB
MD5

e5b1475dae963763ff6eab0ede2b752b
SHA1

37042cb461acf9f3b19dd6ef627c5d2841028bb7
SHA256

87d65493523bf5374d3d2132613ec36cc3da64269dd288dbfdd2c320b0a9b609
SHA512

964c48185e7081befd22c4566f56738efe6e7bc35d8d9a1a683a3b940926ac9f61e1f65152ba6bf7c9aad27c42426502319fb21721e398140b7659506c41a7cb
SSDEEP

3072:KRJzjeGSrR9M6ELg11JNekgeCOpodSsuPFs/IiRzvjAVl3QtrMSPrNC/4cty7qD1:8JzCGqjM6Es1zNeGdpoXuP+/rRzLALQw

Score

N/A

Malware Config

Signatures

Files

87d65493523bf5374d3d2132613ec36cc3da64269dd288dbfdd2c320b0a9b609
.exe windows x86

dba77aa4a3c3ffe080529ad1d74568da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
SHCreateDirectoryExW
CommandLineToArgvW

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

gdi32

ArcTo
PolyDraw

kernel32

VirtualProtect
lstrlenW
VirtualFree
VirtualAlloc
ExitProcess
FindFirstFileW
FindNextFileW
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFullPathNameW
GetModuleHandleA
GetProcAddress
InterlockedExchange
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter

user32

MessageBoxW
IsWindow

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_controlfp
_exit
_initterm
_ismbblead
_wcsdup
_wcslwr
exit
free
memset
printf
wcsstr
wprintf

Exports

Exports

AAuxDecode
CchFileTimeToDateTimeW
CreateSystemHandleName
HrFillRasCombo
HrGetBodyElement
HrGetStyleSheet
HrIsStreamUnicode
IsHttpUrlA
PrepareUpdate
PszSkipWhiteW
RicheditStreamIn
StrTokEx

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dba77aa4a3c3ffe080529ad1d74568da

Headers

DLL Characteristics

File Characteristics

Imports

shell32

advapi32

gdi32

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 95KB - Virtual size: 94KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 95KB - Virtual size: 94KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 1KB - Virtual size: 1KB