7245bfaf2edb41b54f9f10f567d27527b6653189d054bd4e13580bd6dd0862c7

Sharing

Copy URL Twitter E-mail

General

Target

7245bfaf2edb41b54f9f10f567d27527b6653189d054bd4e13580bd6dd0862c7
Size

110KB
MD5

78b7fe79eb50fbb90f20c80fc52d83bc
SHA1

10bae260b356cae538e21314218157616486cf40
SHA256

7245bfaf2edb41b54f9f10f567d27527b6653189d054bd4e13580bd6dd0862c7
SHA512

8abc9d96c104b242e10e4f94f7f0a60727a209d5acf01025b06bad904585e6f09514de72f6acd3bfe686135b72d0e85e9a400bfde6b2fcf586b11979d560d6d4
SSDEEP

3072:921zRxOdJROu7ED7H8usjpwod+zkIOsbm236FOWW:cBRxOPR5788Hpwod+Lv36kWW

Score

N/A

Malware Config

Signatures

Files

7245bfaf2edb41b54f9f10f567d27527b6653189d054bd4e13580bd6dd0862c7
.exe windows x86

2183e3e09503748e26ba0134c0c31909

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

getenv
fseek
strcpy
_exit
_acmdln
fclose
strcmp
__getmainargs
exit
_setmode
_except_handler3
_errno
_write
__set_app_type
_XcptFilter
free
realloc
remove
fopen
__dllonexit
fwrite
__setusermatherr
_adjust_fdiv
malloc
printf
__p__fmode
__p__commode
strchr
memmove
fputs
fread
atexit
_onexit
_initterm
strlen

kernel32

SetLastError
GlobalLock
GetPrivateProfileStringA
GetProcAddress
GetStartupInfoW
GetModuleHandleW
FileTimeToDosDateTime
GetLocaleInfoA
LoadLibraryA
GetStringTypeA
GlobalAlloc

shell32

SHBrowseForFolderW
DragQueryFileW
SHBindToParent
SHFileOperationA
SHGetFileInfo
SHGetSpecialFolderPathW
SHGetMalloc
ExtractIconExA
Shell_NotifyIconW
SHCreateDirectoryExA
DragAcceptFiles
ShellExecuteEx

gdi32

GetObjectType
SetBkMode
GetEnhMetaFileDescriptionA
CreateEnhMetaFileA
GetTextExtentPoint32A

user32

GetWindowTextA
ScrollWindow
GetClassNameA
SetScrollPos
GetDC
RegisterClassA
WinHelpA
SetScrollInfo
LoadIconA
GetTopWindow
SetClipboardData
PtInRect
GetWindowPlacement
wsprintfA
EndDialog

comctl32

ImageList_AddMasked
ImageList_DragShowNolock
ImageList_EndDrag
CreatePropertySheetPageA
ImageList_Remove
InitCommonControls

advapi32

AddAccessAllowedAce
CryptReleaseContext
RegDeleteKeyW
InitializeAcl
AllocateAndInitializeSid
OpenSCManagerW
RegCreateKeyExA
RegEnumKeyW
OpenServiceA
RegQueryValueA
RegDeleteValueW
RegQueryValueExA

oleaut32

SafeArrayUnaccessData
SetErrorInfo
VariantInit
VariantCopy
SafeArrayPutElement
SysStringByteLen
SysAllocStringByteLen

ole32

OleRun
CoTaskMemAlloc
PropVariantClear
CoLoadLibrary
StringFromIID
CoInitialize
OleSetMenuDescriptor
CreateBindCtx
CoDisconnectObject
RegisterDragDrop
StringFromGUID2
CoCreateGuid
StringFromCLSID
CLSIDFromString

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fponsor
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2183e3e09503748e26ba0134c0c31909

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

gdi32

user32

comctl32

advapi32

oleaut32

ole32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 43KB - Virtual size: 61KB

.rsrc Size: 60KB - Virtual size: 88KB

fponsor Size: - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 43KB - Virtual size: 61KB

.rsrc
Size: 60KB - Virtual size: 88KB

fponsor
Size: - Virtual size: 4KB