66e965ac1d606830a6421289571f1c345f3209c68b26125f4669ea2ac3e9b00d

Sharing

Copy URL Twitter E-mail

General

Target

66e965ac1d606830a6421289571f1c345f3209c68b26125f4669ea2ac3e9b00d
Size

105KB
MD5

4621c261b38a271680066210bf0407d3
SHA1

c2983de147c54ba34a0c1c9a957fbc2864c7e8fe
SHA256

66e965ac1d606830a6421289571f1c345f3209c68b26125f4669ea2ac3e9b00d
SHA512

d9c5fe86c1b88d6c11aeda010db63a16e31f0195fe85bef269ae5f9ef7516ba3579ae65f1637a7284fc96db07b1f224829aee9e8d8c2fb224b54f1d6d3aea2b8
SSDEEP

1536:zK7kWLiKaOMmJ7pdV94QpWQ0gWYs34ghYXkvTomae9CSCwBKvdhggFNWC:zK7a7g7B0gWL3ZYXkvV/80BIdhLJ

Score

N/A

Malware Config

Signatures

Files

66e965ac1d606830a6421289571f1c345f3209c68b26125f4669ea2ac3e9b00d
.exe windows x86

94217b6010a592290b8eb2ea64a2112e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
IsDBCSLeadByte
lstrcmpA
GetCommandLineA
GetEnvironmentStrings
CreateDirectoryA
GetTempFileNameA
RtlUnwind
lstrcatA
GetNumberFormatA
GetFullPathNameA
FreeEnvironmentStringsW
GetCurrentThreadId
SetErrorMode

msvcrt

fputs
malloc
signal
strstr
__set_app_type
sinh
__p___initenv
memmove
_initterm
__p__commode
_except_handler3
_exit
exit
abort
_controlfp
calloc
__p__fmode
__setusermatherr
_write
free
_XcptFilter
__getmainargs
_adjust_fdiv
atexit

comdlg32

GetOpenFileNameA

user32

ShowWindow
GetClassInfoA
SetDlgItemTextA
PeekMessageA
SetScrollInfo
PostQuitMessage
GetScrollPos
LoadStringA
CallNextHookEx
GetSysColor
EnableWindow
GetWindowRect
CallWindowProcA
EnableMenuItem
GetTopWindow

gdi32

PlayMetaFile
GetTextExtentPoint32W
AddFontResourceA
GetEnhMetaFilePaletteEntries
GetViewportOrgEx
CreateHalftonePalette
GetBkColor
CreateFontIndirectA
SelectClipRgn
StartDocA
SetColorAdjustment

advapi32

GetSecurityDescriptorDacl
RegEnumValueA
SetSecurityDescriptorOwner
CryptGenRandom
RegEnumKeyExA
IsValidSid
RegOpenKeyW
RegDeleteValueA
CloseServiceHandle
CryptReleaseContext
OpenProcessToken
FreeSid
RegEnumValueW
LookupPrivilegeValueW
RegDeleteValueW
CryptAcquireContextA
CryptDestroyHash
EqualSid

comctl32

ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_Destroy
ImageList_GetImageCount
PropertySheetW
ImageList_EndDrag
ImageList_Add
ImageList_Draw

ole32

CoRegisterMessageFilter
StringFromIID
IsAccelerator
CoCreateInstance
OleDraw
CoRegisterClassObject
CoLoadLibrary
OleFlushClipboard
StringFromGUID2
CoGetMalloc

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94217b6010a592290b8eb2ea64a2112e

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

gdi32

advapi32

comctl32

ole32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 38KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 38KB

.rsrc
Size: 28KB - Virtual size: 27KB