8ed76c28043bb4291b40f83cb6be57619e4621ad3d518143096959bd7c97ce51

Sharing

Copy URL Twitter E-mail

General

Target

8ed76c28043bb4291b40f83cb6be57619e4621ad3d518143096959bd7c97ce51
Size

572KB
MD5

01a1297c75c10114708a2cd63bb30440
SHA1

88a7b6314f485a20b4289460afe7e91c72df02b4
SHA256

8ed76c28043bb4291b40f83cb6be57619e4621ad3d518143096959bd7c97ce51
SHA512

6eaa0c15fb095fd2147f8c62ec63a847fe8e59a128ee2fc75e6985559ca5e8ac2afcb956e0418c61f85ade4190dbad7f241e564babd2ab2e6e7cd5db3947ff89
SSDEEP

12288:VA0oq1MYXC2L0JZZXggJBZ3SJ/3u1e4vJEho5TOgTJ:VATq1MYSo0JzjdSJ/n4iho5Tp9

Score

N/A

Malware Config

Signatures

Files

8ed76c28043bb4291b40f83cb6be57619e4621ad3d518143096959bd7c97ce51
.exe windows x86

e41d370e4134d33547f8aab45512471a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
CreateWindowExA
SendDlgItemMessageA
GetWindowRect
SetWindowPos
ScreenToClient
ChildWindowFromPointEx
DestroyIcon
WinHelpA
LoadMenuA
GetSubMenu
SetForegroundWindow
TrackPopupMenu
DestroyMenu
DialogBoxParamA
SetTimer
KillTimer
GetCursorPos
GetWindowLongA
SendMessageA
PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA
ShowWindow
SetWindowLongA
LoadImageA
LoadStringA
FindWindowA
PostMessageA
GetMessageA
EndDialog
MessageBoxA
ChildWindowFromPoint
DispatchMessageA
TranslateMessage

gdi32

DeleteObject
GetStockObject

shell32

ShellExecuteA
Shell_NotifyIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation

kernel32

FindResourceW
LoadResource
LockResource
DebugBreak
FreeResource
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
GetShortPathNameA
GetSystemDefaultLCID
FreeLibrary
GetLastError
DuplicateHandle
SystemTimeToFileTime
GetLocalTime
WaitForMultipleObjects
FindNextChangeNotification
CreateEventA
lstrcatA
lstrcpyA
GetCurrentProcess
GetCurrentThread
FindFirstChangeNotificationA
CloseHandle
ResumeThread
FindCloseChangeNotification
SetEvent
lstrlenA
lstrcmpiA
HeapFree
HeapAlloc
GetProcessHeap
WideCharToMultiByte
LoadLibraryA
GetCurrentDirectoryA
DeleteAtom
AddAtomA
VirtualFree
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
GlobalAlloc
GlobalFree
FindClose
FindFirstFileA
GetTempPathA
WaitForSingleObject
CreateMutexA
ReleaseMutex
SuspendThread
lstrcpynA

ole32

StringFromGUID2
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoGetMalloc
OleUninitialize

msvcrt

_exit
??2@YAPAXI@Z
strcat
strcpy
_stricmp
??3@YAXPAX@Z
__CxxFrameHandler
_EH_prolog
_beginthreadex
_itoa
malloc
free
labs
memcpy
wcschr
wcsncpy
memmove
wcscpy
wcsrchr
_wcsicmp
wcslen
_mbslen
strlen
memset
_mbscat
_mbsrchr
_mbscpy
_mbsinc
wcscat
_ltoa
atol
sprintf
wcsstr
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_mbsstr
_mbschr
wcstoul
wcstok
_wcsnicmp
towupper

advapi32

RegEnumKeyExA
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryInfoKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e41d370e4134d33547f8aab45512471a

Headers

File Characteristics

Imports

user32

gdi32

shell32

kernel32

ole32

msvcrt

advapi32

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 24KB - Virtual size: 20KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 24KB - Virtual size: 20KB

.vmp0
Size: 500KB - Virtual size: 1.6MB