fbfb3ae1153f2e0ab45b8d7c41c9adbfd37f5538453ef96fdf474045b3dfd22f

Sharing

Copy URL Twitter E-mail

General

Target

fbfb3ae1153f2e0ab45b8d7c41c9adbfd37f5538453ef96fdf474045b3dfd22f
Size

106KB
MD5

1c0c511c94ab28c0bc795d607a0097a0
SHA1

ec7fc40ec6a06b6357467b97cecb17e8de2958fc
SHA256

fbfb3ae1153f2e0ab45b8d7c41c9adbfd37f5538453ef96fdf474045b3dfd22f
SHA512

da1852ae2c4e6f38506259d33b2a906459777f8cdabd618b75cddbb150088f33711a4802101961cdec2c3217e79e5ba1cdf9e7ccae67fb683610c10eed660505
SSDEEP

1536:V7tePvrOidiWxQqPGqEBgnZuStM05wrP1MUdOTjsEeUwdN1+aflo8Fk2ik:H6vTauYwT5u1Nd1Ee9cato8/b

Score

N/A

Malware Config

Signatures

Files

fbfb3ae1153f2e0ab45b8d7c41c9adbfd37f5538453ef96fdf474045b3dfd22f
.exe windows x86

41afe9db112bb68bbcc4b36089ceb8ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryW
TerminateProcess
SetLastError
GetCurrentProcessId
SetFileAttributesW
lstrcmpiW
CompareFileTime
VirtualFree
LocalFree
GetExitCodeProcess
GetNumberFormatA
LCMapStringA
LocalAlloc
VirtualProtectEx
GetVersion
VirtualAlloc
GetStartupInfoW
GetSystemTime
MoveFileA

msvcrt

__p__commode
__p__environ
fprintf
free
_adjust_fdiv
_write
atoi
strchr
_controlfp
strncmp
__setusermatherr
calloc
_onexit
fputc
sqrt
__p___initenv
__dllonexit
__set_app_type
__p__fmode
_errno
sprintf
_except_handler3
_exit
_XcptFilter
_initterm
fread
__getmainargs

comdlg32

GetOpenFileNameA

user32

GetScrollInfo
SetWindowLongA
DefWindowProcA
GetScrollRange
InvalidateRect
DestroyIcon
PostQuitMessage
GetActiveWindow
TranslateMessage
SetPropA
DestroyWindow
GetCapture
SetDlgItemTextA
DrawEdge
MessageBeep

gdi32

GetObjectType
StrokeAndFillPath
StartPage
SetViewportExtEx
SaveDC
GetEnhMetaFilePaletteEntries
FillPath
Pie
BeginPath
PlayEnhMetaFile
GetViewportExtEx
GetBkColor
GetRgnBox
SetEnhMetaFileBits
PolylineTo

ole32

CoFreeUnusedLibraries
CreateItemMoniker
CoRegisterClassObject
StringFromGUID2
CoInitialize
GetRunningObjectTable
CoCreateInstance
CoRevokeClassObject
CoUninitialize

advapi32

RegOpenKeyExA
OpenSCManagerW
RegCreateKeyExA
ControlService
CryptReleaseContext
GetTokenInformation
RegDeleteKeyA
SetSecurityDescriptorOwner
OpenProcessToken

comctl32

ImageList_Add
CreateToolbarEx
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_Read
PropertySheetW
ImageList_DrawEx
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_LoadImageA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41afe9db112bb68bbcc4b36089ceb8ee

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

gdi32

ole32

advapi32

comctl32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 9KB - Virtual size: 45KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 9KB - Virtual size: 45KB

.rsrc
Size: 18KB - Virtual size: 17KB