7cf88b26b90dc54e57faa346a52db42d97291648e204b412e75eb578cfa0ed4f

Sharing

Copy URL Twitter E-mail

General

Target

7cf88b26b90dc54e57faa346a52db42d97291648e204b412e75eb578cfa0ed4f
Size

119KB
MD5

0d901c84013bbe1f93927b35ccee7e78
SHA1

eac0eb8309cace222bc0c7830737d71e749c17b6
SHA256

7cf88b26b90dc54e57faa346a52db42d97291648e204b412e75eb578cfa0ed4f
SHA512

8ed99cdf601b3ea20294d2f881128dd8744757bb9247f7574e15661084fbd7282dad9a8ca21cbdd0969bb34dae33a83bed74f7604912be106d69116bd4703fd4
SSDEEP

1536:+OdNcw31r29A7hmLM1NVBbQVeVVVbl9Bei22v49r2yDwdhU8sQsWakqV1dWhSjoM:jdeyr2GmoDCehUi22v412RsWak2CwoL

Score

N/A

Malware Config

Signatures

Files

7cf88b26b90dc54e57faa346a52db42d97291648e204b412e75eb578cfa0ed4f
.exe windows x86

a1b75b9206b167761053f76d757a89b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fwrite
strcpy
strrchr
fclose
signal
fopen
fseek
printf
__set_app_type
calloc
__p__commode
malloc
strcmp
_except_handler3
_onexit
_XcptFilter
__getmainargs
strlen
abort
_adjust_fdiv
_exit
__p__fmode
atexit
strchr
free
fread
__setusermatherr
_initterm
_acmdln
_errno
_iob
exit
remove

kernel32

GetStringTypeW
FlushFileBuffers
GetModuleHandleA
GetSystemInfo
LoadLibraryA
SetStdHandle
GetConsoleOutputCP
CreateFileMappingA
GetStartupInfoA
GetProcAddress
GetVersionExA
GetModuleHandleW
VirtualAlloc
VirtualFree
RtlUnwind

gdi32

CreateHatchBrush
CreatePatternBrush
StretchDIBits
LPtoDP
CreateRectRgn
SelectPalette
ArcTo
GetTextExtentPoint32W
SetTextJustification
SetWindowOrgEx
GetCharWidthA
PatBlt

ole32

CLSIDFromString
IIDFromString
IsAccelerator
OleUninitialize
CoRegisterMessageFilter
CoTaskMemFree
OleSetClipboard
StringFromIID

user32

MapWindowPoints
GetSysColor
FindWindowA
EnumThreadWindows
DrawTextA
DispatchMessageA
GetSystemMenu
SendDlgItemMessageA
CallNextHookEx
RegisterWindowMessageA
SetScrollInfo
RegisterClipboardFormatA
DestroyMenu
CreateMenu
RemovePropA

advapi32

QueryServiceStatus
DeleteService
RegOpenKeyExA
SetSecurityDescriptorGroup
AllocateAndInitializeSid
CheckTokenMembership
RegOpenKeyExW
RegQueryValueExW
OpenProcessToken
RegDeleteValueA

shell32

FindExecutableW
ShellExecuteExA
SHGetDesktopFolder
SHChangeNotify
SHGetPathFromIDListW

comctl32

CreatePropertySheetPageW
ImageList_SetImageCount
PropertySheetW
ImageList_GetImageCount
CreateToolbarEx
ImageList_Add
ImageList_AddMasked
ImageList_SetBkColor
ImageList_Create
ImageList_SetIconSize
ImageList_Draw
ImageList_GetIcon

oleaut32

LoadTypeLib
SysAllocStringByteLen
SafeArrayUnaccessData
CreateErrorInfo
VariantCopyInd
SafeArrayPtrOfIndex
SafeArrayGetUBound

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 46KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a1b75b9206b167761053f76d757a89b3

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

ole32

user32

advapi32

shell32

comctl32

oleaut32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 46KB - Virtual size: 63KB

.rsrc Size: 66KB - Virtual size: 140KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 46KB - Virtual size: 63KB

.rsrc
Size: 66KB - Virtual size: 140KB