61da7e7d3b69161d5bacd76df276dbdf634c2ef7dc550e6d94c1563b0c9a0874

Sharing

Copy URL Twitter E-mail

General

Target

61da7e7d3b69161d5bacd76df276dbdf634c2ef7dc550e6d94c1563b0c9a0874
Size

20KB
MD5

94ee4bb0c664b44b215cb241a56f0f04
SHA1

5cd73ecff4e50b67be29fb21b997e2e52d024d00
SHA256

61da7e7d3b69161d5bacd76df276dbdf634c2ef7dc550e6d94c1563b0c9a0874
SHA512

23b5bfa676d55e7c0428586cdfe001732519b11b2dc19105fa5a33e785d6e8cd7ad61579fee4d217602d5c6bf272d7bc215ff11270058f414ad50545231d7043
SSDEEP

384:NZ/Y/3OG+6DtZzsHLdRMAPJA/25mrJ0w/bmPYxY:8/3V9Z8MIJjmp/aAxY

Score

N/A

Malware Config

Signatures

Files

61da7e7d3b69161d5bacd76df276dbdf634c2ef7dc550e6d94c1563b0c9a0874
.exe windows x86

415de8ff0b39626b33d928d4568fc90f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtAddAtom

advpack

RegInstall

user32

InvalidateRect
IsWindow
LoadStringA
DestroyWindow
DispatchMessageA
LoadBitmapA
CheckDlgButton
GetSysColor
GetDlgItem
wsprintfA
SetWindowTextA
SendDlgItemMessageA
GetClientRect
SetDlgItemTextA
GetWindowRect
TranslateMessage
SetWindowPos
CreateDialogParamA
GetWindowTextA
CharPrevA
MessageBoxA
LoadImageA
MsgWaitForMultipleObjects
EnableWindow
IsDialogMessageA
SendMessageA
DestroyIcon
EndDialog
GetWindowLongA
DrawTextA
DialogBoxParamA
ReleaseDC
ShowWindow
SetWindowLongA
IsDlgButtonChecked
GetDC
PeekMessageA
CharUpperA

gdi32

DPtoLP
SetGraphicsMode
BitBlt
SetWindowOrgEx
DeleteDC
SetBkColor
CreateFontIndirectA
SaveDC
SetTextColor
CreateCompatibleDC
DeleteObject
GetObjectA
ExtTextOutA
RestoreDC
SelectObject
GetDeviceCaps
CreateSolidBrush
SetViewportOrgEx
ModifyWorldTransform
GetTextMetricsA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegCloseKey
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

VirtualAlloc
GetSystemDirectoryA
LocalFree
GetModuleHandleA
lstrcmpA
LoadLibraryA
InterlockedDecrement
lstrcpyA
GetProcessHeap
lstrcatA
GetTickCount
GetProcAddress
CloseHandle
HeapFree
InitializeCriticalSection
lstrcpynA
CreateThread
GetDiskFreeSpaceA
SetEvent
FreeLibrary
CreateEventA
HeapReAlloc
DisableThreadLibraryCalls
LocalAlloc
HeapSize
CreateFileA
InterlockedIncrement
GetWindowsDirectoryA
GetModuleFileNameA
lstrcmpiA
HeapAlloc
lstrlenA

atl

AtlMarshalPtrInProc

Sections

.textbss
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

415de8ff0b39626b33d928d4568fc90f

Headers

File Characteristics

Imports

ntdll

advpack

user32

gdi32

ole32

advapi32

version

kernel32

atl

Sections

.textbss Size: - Virtual size: 96KB

.text Size: 512B - Virtual size: 428B

.idata Size: 23KB - Virtual size: 23KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 216B

.textbss
Size: - Virtual size: 96KB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 23KB - Virtual size: 23KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 216B