765d5909ac10084cff82e40a458cbbf82f208d7b16f092b06ce3f9c868bd0897

Sharing

Copy URL Twitter E-mail

General

Target

765d5909ac10084cff82e40a458cbbf82f208d7b16f092b06ce3f9c868bd0897
Size

119KB
MD5

c2408e2ca325bb44a471bee7b3b4a006
SHA1

ea9ec622cec714ec307ef8a01e940c5e9198518a
SHA256

765d5909ac10084cff82e40a458cbbf82f208d7b16f092b06ce3f9c868bd0897
SHA512

6a9733bb0082e2239d4ce03bfa07a8f26530a9d0867d0f92ff08173f782117e523715ae00062139fd070543bdf64f6b3b12c6191eb579de4abf490d752be9dff
SSDEEP

3072:Y47gieeVtBX812d5lrdbNcob9RUTYczgvv2sQkL:Ymgi79bJRcobQYckGsf

Score

N/A

Malware Config

Signatures

Files

765d5909ac10084cff82e40a458cbbf82f208d7b16f092b06ce3f9c868bd0897
.exe windows x86

f6e91d06c3b9611ed76600f9298243c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
__getmainargs
__setusermatherr
_acmdln
__p__environ
printf
_snprintf
fopen
__set_app_type
_onexit
strncpy
fclose
__p__commode
strcmp
strlen
_adjust_fdiv
exit
wcslen
getenv
_except_handler3
_exit
free
fwrite
remove
strcpy
_strnicmp
_initterm
abort
malloc
fread
__p__fmode
fseek

kernel32

FileTimeToLocalFileTime
lstrcmpA
GetProcAddress
GetTempPathW
VirtualFree
SetUnhandledExceptionFilter
SetEnvironmentVariableA
GetFileAttributesA
GlobalLock
LoadLibraryA
GetModuleHandleW
SetFileAttributesA
MultiByteToWideChar
LCMapStringW
lstrlenW
Sleep
CopyFileA

user32

CharLowerA
OpenClipboard
SetScrollPos
GetDC
EndDialog
SetCursor
GetDesktopWindow
SetFocus
SetScrollInfo
DrawEdge
GetFocus
GetMessageA
FrameRect
GetWindowPlacement
WinHelpA
DialogBoxParamA
IsIconic
GetScrollInfo

gdi32

EndPage
FillRgn
BitBlt
CreateRoundRectRgn
CreatePatternBrush
CreateSolidBrush
AbortDoc
ExcludeClipRect
SetWorldTransform
GetDIBits
Ellipse
PolyBezierTo

oleaut32

VariantCopy
SysAllocStringLen
SysAllocStringByteLen
SafeArrayPutElement
SafeArrayRedim

advapi32

RegCloseKey
AddAccessAllowedAce
RegEnumValueA
CryptDestroyHash
RegOpenKeyW
RegDeleteKeyW
CryptGenRandom
RegOpenKeyExW
RegEnumValueW

shell32

ExtractIconExW
SHGetDesktopFolder
SHGetSpecialFolderLocation
ExtractIconExA
SHGetSpecialFolderPathA
FindExecutableW
SHGetSettings
ShellExecuteW

comctl32

ImageList_SetBkColor
InitializeFlatSB
ImageList_GetIcon
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_GetImageCount
ImageList_Replace
ImageList_SetDragCursorImage
ImageList_Read

ole32

CoInitializeEx
CLSIDFromProgID
CoTaskMemRealloc
CoSetProxyBlanket
OleRun
OleInitialize
CreateItemMoniker
PropVariantClear

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6e91d06c3b9611ed76600f9298243c8

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

oleaut32

advapi32

shell32

comctl32

ole32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 46KB - Virtual size: 60KB

.rsrc Size: 66KB - Virtual size: 66KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 46KB - Virtual size: 60KB

.rsrc
Size: 66KB - Virtual size: 66KB