89b27f853a708265d1eda213fc6ea0a6017d5076020c7ad9a978cbd90410b425

Sharing

Copy URL Twitter E-mail

General

Target

89b27f853a708265d1eda213fc6ea0a6017d5076020c7ad9a978cbd90410b425
Size

80KB
MD5

b7898030794f05f848375fa6ec967151
SHA1

ea72a1e62ef2f4658e142185b3fbed61b0e42ac5
SHA256

89b27f853a708265d1eda213fc6ea0a6017d5076020c7ad9a978cbd90410b425
SHA512

6619e0f317afb7f976c4d14d087671e273602efff4d8ce645801a1fbc6b026b091e5221804c0972206f4bb2f52adfbe734888f7fb04976bc4a87aff8d604f2c9
SSDEEP

1536:X9/b+BohUlUMorDT/TBsxa3A7gc/8mzEYOYIo1+orn7Qrq3A4ofR4J:X9/sock/TixJ1E1YI16n7XA4oA

Score

N/A

Malware Config

Signatures

Files

89b27f853a708265d1eda213fc6ea0a6017d5076020c7ad9a978cbd90410b425
.exe windows x86

870abe5eb1ebc3ede5873650fc006762

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetMessageA
SetWindowPos
GetSubMenu
EnableMenuItem
GetSysColorBrush
EqualRect
UnhookWindowsHookEx
EnumWindows
PostQuitMessage
GetScrollPos
FrameRect
GetSysColor
SetWindowTextA

kernel32

ExitProcess
SetUnhandledExceptionFilter
GetThreadLocale
InterlockedExchange
VirtualAllocEx
GetFileAttributesA
GetStartupInfoA
GetTickCount
FileTimeToSystemTime
RtlUnwind
GetCurrentProcessId
GetOEMCP
GetSystemTime
GetTimeZoneInformation
GetTempPathA

gdi32

CreateCompatibleBitmap
SelectClipPath
ExcludeClipRect
DPtoLP
CreateICW
FillRgn
CopyEnhMetaFileA
SetViewportExtEx
GetMapMode

ole32

StringFromGUID2
CoRevokeClassObject
CoTaskMemRealloc
CoCreateInstance
CoInitializeSecurity
OleRun
StgOpenStorage
CoInitialize
DoDragDrop

advapi32

QueryServiceStatus
GetUserNameA
FreeSid
GetSecurityDescriptorDacl
RegCreateKeyExW
RegQueryValueExW
CheckTokenMembership
AdjustTokenPrivileges
RegCreateKeyA
CryptHashData

msvcrt

fprintf
_flsbuf
iswspace
strcspn
strncpy
raise
signal
__getmainargs
_strdup
_mbscmp
__setusermatherr
_fdopen
__initenv
fflush
_lock
strlen
_CIpow
puts

comctl32

ImageList_Destroy
ImageList_GetIcon
InitCommonControls
CreatePropertySheetPageA
ImageList_DrawEx
ImageList_DragEnter
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_Write
ImageList_GetIconSize
ImageList_GetBkColor
ImageList_LoadImageA
ImageList_SetIconSize

shell32

DragQueryFileA
ExtractIconExW
ShellExecuteEx
SHBrowseForFolderA
CommandLineToArgvW
ExtractIconW
DoEnvironmentSubstW
ShellExecuteW
SHGetPathFromIDList
DragQueryFileW
DragAcceptFiles

oleaut32

SafeArrayGetUBound
SafeArrayPtrOfIndex
SysReAllocStringLen
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayPutElement

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iijotuj
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

870abe5eb1ebc3ede5873650fc006762

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 41KB - Virtual size: 41KB

.rsrc Size: 6KB - Virtual size: 34KB

iijotuj Size: - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 6KB - Virtual size: 34KB

iijotuj
Size: - Virtual size: 4KB