826560ffdf232f9c9ea2fec891267d0153ab166efcae0d3448201eb8027389fa

Sharing

Copy URL Twitter E-mail

General

Target

826560ffdf232f9c9ea2fec891267d0153ab166efcae0d3448201eb8027389fa
Size

98KB
MD5

50babd79024601628af3dda76deca03f
SHA1

3b21ffa8a4855e0cd48b32cdb296e63cf7945b65
SHA256

826560ffdf232f9c9ea2fec891267d0153ab166efcae0d3448201eb8027389fa
SHA512

708b3769772eb30f3bcbf2990cbec98e99748f760a901077d46d853aa1973e4b821b70b686890950868062a3680d27e91c6fa913e8576ce28635c8c679f7d143
SSDEEP

1536:bpU0bsV/WZOyhVfBFoCkxSl7y25f45DoeRrdz9LsKbJkcinc2s7ldu74wZW46z:bpU0bsxrK/bkxSL4JoerbbC+QZW5z

Score

N/A

Malware Config

Signatures

Files

826560ffdf232f9c9ea2fec891267d0153ab166efcae0d3448201eb8027389fa
.exe windows x86

bf95f84a4ce1ce6e7d4437985809f853

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
strncmp
_initterm
__p__fmode
_except_handler3
sqrt
calloc
__setusermatherr
_vsnprintf
_setmode
fputc
_cexit
_acmdln
__p__commode
_exit
__getmainargs
wcslen
fclose
_adjust_fdiv
fprintf
free
_errno

comdlg32

GetOpenFileNameA

kernel32

TerminateProcess
ExitProcess
GlobalLock
GetNumberFormatA
InterlockedCompareExchange
GetShortPathNameA
GetStartupInfoW
IsDBCSLeadByte
lstrcpynA
GetStartupInfoA
GlobalFree
GetConsoleOutputCP
SetLastError
VirtualAlloc
CompareStringW

user32

GetMenu
RegisterClassA
ScreenToClient
SetDlgItemTextA
GetSysColor
TranslateMessage
DrawMenuBar
SetActiveWindow
GetWindowThreadProcessId
GetIconInfo
EndDialog
GetWindowRect
GetDesktopWindow
InsertMenuItemA
GetCapture

advapi32

RegSetValueExW
CheckTokenMembership
RegQueryValueExA
IsValidSid
LookupPrivilegeValueW
RegSetValueExA
CloseServiceHandle
AdjustTokenPrivileges
RegDeleteValueA
OpenServiceW
RegEnumValueW

ole32

CoSetProxyBlanket
OleRun
CoTaskMemRealloc
ProgIDFromCLSID
CLSIDFromProgID
CoInitializeEx
StgOpenStorageOnILockBytes
CLSIDFromString
IsAccelerator
OleFlushClipboard
CoGetMalloc
CoTaskMemFree
StringFromCLSID
OleInitialize

gdi32

SetStretchBltMode
LPtoDP
ExtCreateRegion
GetEnhMetaFileBits
EnumFontsA
SetTextCharacterExtra
GetObjectW

comctl32

ImageList_GetBkColor
PropertySheetW
CreateStatusWindowA
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Remove
CreatePropertySheetPageW
InitCommonControlsEx
ImageList_AddMasked
ImageList_Destroy
ImageList_DragEnter

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf95f84a4ce1ce6e7d4437985809f853

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

advapi32

ole32

gdi32

comctl32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 9KB - Virtual size: 48KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 9KB - Virtual size: 48KB

.rsrc
Size: 19KB - Virtual size: 19KB