807134954d44fb67b03c2c5dacf6116ce5ee2ad2ee15058ff2d089ea3ba69036

Sharing

Copy URL Twitter E-mail

General

Target

807134954d44fb67b03c2c5dacf6116ce5ee2ad2ee15058ff2d089ea3ba69036
Size

288KB
MD5

5f1e487e4cad4fc41e0cb0e2197cdb03
SHA1

1f83ba56c82379668700e7712fe12cadad563b43
SHA256

807134954d44fb67b03c2c5dacf6116ce5ee2ad2ee15058ff2d089ea3ba69036
SHA512

502ca975fbc31f8138580bc05c4b8ac10f80a4afe924bc74f17f75f33972686f810a79d5b5e60455204d7f96261cf41abee4c7cbcbb954601af5e872a6c5ea5d
SSDEEP

6144:QxY/8U4k3IoFbLJyTOv3JJTY7bBxAO1negbNwxUm2BkU:CY0UbYoFnIc3bY7bhhwxm

Score

N/A

Malware Config

Signatures

Files

807134954d44fb67b03c2c5dacf6116ce5ee2ad2ee15058ff2d089ea3ba69036
.exe windows x86

101ef56de84dc5f0502eed209f65805c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextA
GetWindowPlacement
IsChild
SetWindowPlacement
ShowOwnedPopups
IsWindowUnicode
CloseWindow
WindowFromPoint
MoveWindow
SetWindowPos
GetWindowTextA
MessageBoxExA
ShowWindowAsync
SetForegroundWindow
EnumThreadWindows

gdi32

CopyMetaFileW
CloseEnhMetaFile
EndDoc
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
CombineRgn
AddFontResourceW
ExtFloodFill
DeleteEnhMetaFile

advapi32

ClearEventLogA
RegLoadKeyA
RegSetValueA
GetTokenInformation
OpenThreadToken
RegSetValueExA
RegEnumValueA
RegConnectRegistryA
BackupEventLogA

shlwapi

StrCmpNIW
PathFindFileNameW
PathRelativePathToA
PathFileExistsA
SHRegCreateUSKeyW
PathParseIconLocationW
PathIsDirectoryW
StrFormatByteSizeW
PathIsRelativeA
PathSkipRootA
StrDupW
StrToIntExA
StrStrW
SHRegQueryInfoUSKeyA

kernel32

WideCharToMultiByte
GetOEMCP
HeapValidate
LocalAlloc
VirtualLock
MultiByteToWideChar
HeapCompact
IsBadReadPtr
GlobalFree
GetProfileSectionA
GetModuleHandleA
GetProcAddress
VirtualAllocEx
HeapDestroy
GetStartupInfoA
GetTimeFormatA
EnterCriticalSection
VirtualQueryEx
ResetEvent

credui

CredUIParseUserNameW
CredUIStoreSSOCredW
CredUIParseUserNameA
CredUIReadSSOCredW

winscard

SCardIntroduceReaderA

msvcrt

_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_exit

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

101ef56de84dc5f0502eed209f65805c

Headers

File Characteristics

Imports

user32

gdi32

advapi32

shlwapi

kernel32

credui

winscard

msvcrt

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 264KB - Virtual size: 264KB

.data Size: 512B - Virtual size: 318KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 264KB - Virtual size: 264KB

.data
Size: 512B - Virtual size: 318KB

.rsrc
Size: 18KB - Virtual size: 17KB