71ab4750a20f8dfe20272eb2277ce6ac31457a3b55d8bdec14370d41cb7e995e

Sharing

Copy URL Twitter E-mail

General

Target

71ab4750a20f8dfe20272eb2277ce6ac31457a3b55d8bdec14370d41cb7e995e
Size

116KB
MD5

10cdd0867950c1428870c123f23c6b85
SHA1

4e62fc7cc12eecd15641480c681712b88cbcc132
SHA256

71ab4750a20f8dfe20272eb2277ce6ac31457a3b55d8bdec14370d41cb7e995e
SHA512

af18181c8ede7c5e7bbe3dac2ef7586946d53999db05a46ff0088e53ffe51c025a5e6d8272be09b0fd3bd8d2264c2fb11f93b5ce8c748b86c1426064aa9eb98f
SSDEEP

3072:NgEAzi47SGX4Zv8Kq17K2t1rNLnHeFRocjjizazdE:NgEAziSoAJNLo9n6+2

Score

N/A

Malware Config

Signatures

Files

71ab4750a20f8dfe20272eb2277ce6ac31457a3b55d8bdec14370d41cb7e995e
.exe windows x86

409dbe525d19d5030dadb02cd95512f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
lstrlenA
GetDiskFreeSpaceA
lstrcmpiA
lstrcmpA
WideCharToMultiByte
LocalFree
GetTempPathW
SetFilePointer
FormatMessageA
IsDBCSLeadByte
InterlockedExchange
GetNumberFormatA
GetShortPathNameA
EnumCalendarInfoA
WriteConsoleA
Sleep

msvcrt

fclose
exit
free
atoi
sinh
strcpy
_write
fflush
calloc
__setusermatherr
_cexit
__p___initenv
_XcptFilter
memset
_exit
realloc
__set_app_type
__p__fmode
__p__commode
_controlfp
__p__environ
_onexit
__getmainargs
_except_handler3
fprintf
_adjust_fdiv
abort
_initterm
wcslen
strrchr

comdlg32

GetOpenFileNameA

user32

RegisterClassA
SetWindowTextA
SetDlgItemTextA
OpenClipboard
GetDC
SetClipboardData
SetScrollPos
IsWindowEnabled
SetWindowPos
GetWindow

comctl32

ImageList_Add
ImageList_Destroy
ImageList_Read
CreatePropertySheetPageA
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_DragLeave
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetDragCursorImage
ImageList_GetImageCount

advapi32

AdjustTokenPrivileges
GetUserNameA
RegQueryValueExW
OpenServiceA
OpenServiceW
RegCloseKey
SetSecurityDescriptorDacl
RevertToSelf
CryptAcquireContextA
RegDeleteKeyA
SetSecurityDescriptorOwner
CheckTokenMembership

ole32

CLSIDFromString
CoReleaseMarshalData
OleGetClipboard
OleRun
StringFromCLSID
OleUninitialize
CoTaskMemRealloc
CoCreateInstance
CreateILockBytesOnHGlobal

gdi32

CombineRgn
StretchBlt
CreateICW
SetAbortProc
GetRgnBox
SetEnhMetaFileBits
MoveToEx
GetEnhMetaFileDescriptionA
GetCurrentObject
SaveDC
CreateRoundRectRgn
MaskBlt
EndDoc
PatBlt
EnumFontsA
GetClipBox
GetWinMetaFileBits

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

409dbe525d19d5030dadb02cd95512f2

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

comctl32

advapi32

ole32

gdi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 38KB

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 38KB

.rsrc
Size: 33KB - Virtual size: 32KB