7061a127974e0fedc5785086d3dd64576ffbb42fcb8988eadf127193e86e27ae

Sharing

Copy URL Twitter E-mail

General

Target

7061a127974e0fedc5785086d3dd64576ffbb42fcb8988eadf127193e86e27ae
Size

108KB
MD5

2f6d414377e7033f185452c37bd61190
SHA1

2fd279835ea1e4c4964d200bd58a0897457c5cbc
SHA256

7061a127974e0fedc5785086d3dd64576ffbb42fcb8988eadf127193e86e27ae
SHA512

7a82c4d280b6636f788d108f56f42ed569afc87113f91b7a03c9cc149831d8477e9c9948d4a09d0318e92353b21400a6e4ca72a7ccedbb407368f3ce27ef23ac
SSDEEP

3072:Tc2ditIsz6GcZy7X08G6HX/P8V5VAwN9sD:vitIsGGGy7D5

Score

N/A

Malware Config

Signatures

Files

7061a127974e0fedc5785086d3dd64576ffbb42fcb8988eadf127193e86e27ae
.exe windows x86

1faf956f191dccd3ff82c1a9ae00fe89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFileMappingA
ExitProcess
LocalFileTimeToFileTime
SetFileAttributesA
CompareStringA
GetStartupInfoA
GetTempPathA
IsDBCSLeadByte
GetCurrentDirectoryA
GetModuleHandleA
VirtualProtect
CreateProcessA
GetOEMCP

msvcrt

cos
atol
_mbsrchr
getenv
calloc
_adjust_fdiv
malloc
__p__fmode
_except_handler3
isleadbyte
exit
rename
__setusermatherr
__mb_cur_max
_initterm
__initenv
__getmainargs
__set_app_type
log
_XcptFilter
_acmdln
_wcsupr
__p__commode
wcsncmp

user32

SetPropA
GetKeyState
GetIconInfo
GetWindowLongA
BeginPaint
UpdateWindow
GetDesktopWindow
DestroyMenu
SetScrollPos
GetMessagePos

version

GetFileVersionInfoA
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoSizeW
VerFindFileW
GetFileVersionInfoW

gdi32

GetTextFaceW
GetRegionData
SetBkColor
GetPaletteEntries
ExtEscape
GetBitmapBits
CopyMetaFileW
SetPolyFillMode

advapi32

RegCloseKey
OpenThreadToken
RegEnumKeyExA
CryptGenRandom
RegFlushKey
DeleteService
CheckTokenMembership
FreeSid
RegCreateKeyExW
RegQueryValueA

ole32

OleIsCurrentClipboard
OleRun
OleInitialize
CoInitializeEx
IsEqualGUID
CoCreateInstance
OleGetClipboard
PropVariantClear
CoRegisterClassObject

shell32

SHAppBarMessage
SHGetPathFromIDListW
SHFileOperationW
Shell_NotifyIconA
DragQueryFileA
SHChangeNotify
SHBindToParent
SHGetPathFromIDList
ShellExecuteEx
DoEnvironmentSubstW
SHGetDesktopFolder

comctl32

CreatePropertySheetPageW
ImageList_Draw
PropertySheetA
CreateStatusWindowA
ImageList_GetImageCount
ImageList_Destroy

oleaut32

SysAllocStringByteLen
CreateErrorInfo
SysAllocStringLen
VariantInit
SysReAllocStringLen
VariantCopyInd
SafeArrayPtrOfIndex
SafeArrayRedim
SafeArrayGetUBound
VariantCopy

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1faf956f191dccd3ff82c1a9ae00fe89

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

version

gdi32

advapi32

ole32

shell32

comctl32

oleaut32

Sections

.text Size: 53KB - Virtual size: 52KB

.data Size: 42KB - Virtual size: 41KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 53KB - Virtual size: 52KB

.data
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 12KB - Virtual size: 12KB