62c0a351f08ca9cc9b9a0f99cafaddb3da71f927190e45c359d56a049d5a0988

Sharing

Copy URL Twitter E-mail

General

Target

62c0a351f08ca9cc9b9a0f99cafaddb3da71f927190e45c359d56a049d5a0988
Size

223KB
MD5

dac9612f2ddf694a85e0a077f7686cd8
SHA1

9f5f8680748a635be60514539310f5f5bc69e1af
SHA256

62c0a351f08ca9cc9b9a0f99cafaddb3da71f927190e45c359d56a049d5a0988
SHA512

d97192761c97107d9602619a8457207ab61a963c1a3008161bb1528d920ceaa541ac5cedb5f51c2887531a8c0997dddf981a6920268465eba5da0053b5cf212a
SSDEEP

6144:ru8KV5nYx2F+z06tMtmO7zBc38zCNCpZWweNSO:mYxq+z0Jy38uApM

Score

N/A

Malware Config

Signatures

Files

62c0a351f08ca9cc9b9a0f99cafaddb3da71f927190e45c359d56a049d5a0988
.exe windows x86

e8aaa796ec083ffec4c98d27d1831c08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
SetFileAttributesW
SetFilePointer
GetNumberFormatA
OpenProcess
CreateProcessW
SetErrorMode
GetCurrentThreadId

msvcrt

__p__fmode
_adjust_fdiv
sinh
__getmainargs
strncpy
_exit
__setusermatherr
_XcptFilter
__p___initenv
free
_snprintf
_cexit
_write
_onexit
fprintf
atoi
_initterm
_except_handler3
_controlfp
fflush
__p__commode
__set_app_type
calloc
_iob

comdlg32

GetOpenFileNameA

user32

ScrollWindow
RegisterClassA
GetWindowLongA
ReleaseDC
ReleaseCapture
GetSystemMenu
SetActiveWindow
UnhookWindowsHookEx
IsWindow
IsIconic
FillRect
SetDlgItemTextA
RedrawWindow
GetMenuItemID

gdi32

GetObjectType
TranslateCharsetInfo
Pie
AddFontResourceA
EnumFontFamiliesW
SetStretchBltMode
CreateFontW
GetDeviceCaps
GetDIBColorTable
SetAbortProc
GetEnhMetaFileHeader
GetTextCharsetInfo
Ellipse
GetTextExtentExPointW
SetDIBColorTable

ole32

IIDFromString
CoRevokeClassObject
CLSIDFromProgID
OleRun
OleSetClipboard
ReleaseStgMedium
DoDragDrop
CoTaskMemFree
ProgIDFromCLSID
CoTaskMemRealloc
CoCreateGuid
IsAccelerator
StgOpenStorageOnILockBytes

advapi32

CryptAcquireContextA
RegDeleteKeyW
CryptGenRandom
RegCreateKeyA
RegQueryValueExA
CryptDestroyHash
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
AllocateAndInitializeSid
AdjustTokenPrivileges
GetTokenInformation
CryptReleaseContext
RegQueryValueExW
RegOpenKeyExA
RegSetValueExA
EqualSid
OpenProcessToken
LookupPrivilegeValueA

comctl32

ImageList_SetDragCursorImage
ImageList_GetBkColor
ImageList_GetIcon
CreateToolbarEx
ImageList_GetImageInfo
ImageList_Destroy
CreatePropertySheetPageA
ImageList_Read
ImageList_DrawEx
InitCommonControlsEx

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8aaa796ec083ffec4c98d27d1831c08

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

gdi32

ole32

advapi32

comctl32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 56KB - Virtual size: 327KB

.rsrc Size: 161KB - Virtual size: 160KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 56KB - Virtual size: 327KB

.rsrc
Size: 161KB - Virtual size: 160KB