985e06ddc932b39cdbdb0bf0271f42c4849c895edc6c5256d91ad76396cf3963

Sharing

Copy URL Twitter E-mail

General

Target

985e06ddc932b39cdbdb0bf0271f42c4849c895edc6c5256d91ad76396cf3963
Size

160KB
MD5

7effbbb34eead80326c5c7a2a39a0374
SHA1

ba1b6fb20af4fb12c6edb16a4d849324bd80dda1
SHA256

985e06ddc932b39cdbdb0bf0271f42c4849c895edc6c5256d91ad76396cf3963
SHA512

c27afd38e3750564cc7a4a2556ca7ab0e848d6eed13763bf069c57558a47948f4783685abe05f2519fb4836fd96592541af103b860c8a6554a22ad39e03c1541
SSDEEP

3072:hPXFyowrxCaaldQB0G5VzQlMinFvkxuN1q5iM5Y/Viz0q1jS7j719Ws:byowYaAdQB0u4Mi5OuDqs/VKpjS7j7DV

Score

N/A

Malware Config

Signatures

Files

985e06ddc932b39cdbdb0bf0271f42c4849c895edc6c5256d91ad76396cf3963
.exe windows x86

3d89b1f927a741dd7f947a24f917f47f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyAcceleratorTable
GetKeyboardType
CreateIconIndirect
DialogBoxParamA
GetSysColor
GrayStringW
ShowCaret
AdjustWindowRect
IsCharAlphaA
GetNextDlgTabItem
EnumChildWindows
GetMenuItemInfoW
GetDlgItemInt
CreateAcceleratorTableW
PostThreadMessageW

kernel32

GetLocaleInfoA
GetTickCount
GlobalAddAtomA
LocalFree
LockResource
FindResourceExA
DeleteCriticalSection
FileTimeToDosDateTime
LocalAlloc
TryEnterCriticalSection
ConnectNamedPipe
VirtualAlloc
HeapValidate
AddAtomW
MulDiv

ole32

CoGetCurrentProcess

rpcrt4

CreateProxyFromTypeInfo
CreateStubFromTypeInfo

gdi32

GetNearestColor
SelectClipRgn
ScaleWindowExtEx
LPtoDP
GetObjectW
GetROP2

Exports

Exports

EnumKeyboardExW

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Agio
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oypac
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jibmed
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d89b1f927a741dd7f947a24f917f47f

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

ole32

rpcrt4

gdi32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 127KB

.Agio Size: 4KB - Virtual size: 7KB

.oypac Size: 512B - Virtual size: 268B

.jibmed Size: 21KB - Virtual size: 21KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 128KB - Virtual size: 127KB

.Agio
Size: 4KB - Virtual size: 7KB

.oypac
Size: 512B - Virtual size: 268B

.jibmed
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 4KB - Virtual size: 4KB