7c4b01e909d8489c2aea13db91f8080b78ea348773b077888c935101dde82c8a

Sharing

Copy URL

Twitter E-mail

General

Target

7c4b01e909d8489c2aea13db91f8080b78ea348773b077888c935101dde82c8a
Size

140KB
MD5

9619ef016d7505b60b8c4e00f499a82e
SHA1

c54e2230c8a20c2f8fa3329fe97aaf69fa7bfcd3
SHA256

7c4b01e909d8489c2aea13db91f8080b78ea348773b077888c935101dde82c8a
SHA512

bb8801a6f771a0eb468b3cf39ab9a648b52c1a70bbe35b5d9140f51c791ad6306db212e1151327e5b7bef17658a5ab85f026edf19f159608343efba7ef59cfb4
SSDEEP

3072:MvR2XMwJLIFEv2DlkFyArMN+qlur2yajseZqH7x4IUPeN7:DJcDWsAvItyajseZ6L

Score

N/A

Malware Config

Signatures

Files

7c4b01e909d8489c2aea13db91f8080b78ea348773b077888c935101dde82c8a
.exe windows x86

0e0d7b5b864095c826393644240ac3af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetTempPathW
GetStringTypeExA
GetVersion
InterlockedExchange
LocalAlloc
SetFileTime
GetModuleHandleA
LCMapStringA
GetStartupInfoA
SetErrorMode
GetExitCodeProcess
GetSystemInfo
VirtualProtect
WriteConsoleA
GetWindowsDirectoryA
LocalFree

msvcrt

_umask
strcat
__p__fmode
__getmainargs
_dup2
__setusermatherr
pow
__p__commode
_XcptFilter
_wcsicmp
remove
iswspace
_initterm
_adjust_fdiv
exit
puts
_snwprintf
__set_app_type
_purecall
log
_acmdln
_except_handler3

user32

RemovePropA
IsIconic
CheckMenuItem
GetSysColorBrush
IsRectEmpty
IsZoomed
SendMessageA
GetMessagePos
PeekMessageA
GetActiveWindow
GetWindowPlacement
SetWindowPos
GetCursorPos

oleaut32

LoadTypeLib
SafeArrayCreate
SysStringByteLen
SysFreeString
SafeArrayRedim
VariantCopyInd
SysReAllocStringLen
VariantInit

gdi32

GetBkMode
SetPolyFillMode
GetBkColor
GetWindowOrgEx
CreateDIBitmap
SetBrushOrgEx
PatBlt

advapi32

CryptCreateHash
CryptDestroyHash
EqualSid
RegSetValueExA
OpenThreadToken
SetSecurityDescriptorDacl
GetUserNameA
RegCreateKeyA
AdjustTokenPrivileges
RegDeleteValueW
SetSecurityDescriptorOwner

ole32

CreateBindCtx
StgOpenStorageOnILockBytes
CreateItemMoniker
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoGetMalloc

shell32

SHGetPathFromIDListW
SHAddToRecentDocs
SHGetFileInfo
FindExecutableW
SHGetFileInfoA
Shell_NotifyIconW
ShellExecuteEx
ExtractIconA
SHGetFolderPathW
SHAppBarMessage

comctl32

ImageList_GetIconSize
CreateToolbarEx
InitializeFlatSB
ImageList_EndDrag
ImageList_Create
ImageList_LoadImageW

version

VerInstallFileW
GetFileVersionInfoA
VerFindFileW
VerQueryValueW
GetFileVersionInfoW
VerLanguageNameA

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e0d7b5b864095c826393644240ac3af

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

gdi32

advapi32

ole32

shell32

comctl32

version

Sections

.text Size: 64KB - Virtual size: 64KB

.data Size: 48KB - Virtual size: 47KB

.rsrc Size: 26KB - Virtual size: 96KB

.text
Size: 64KB - Virtual size: 64KB

.data
Size: 48KB - Virtual size: 47KB

.rsrc
Size: 26KB - Virtual size: 96KB