aa8704ce28036a267019c5923227f1b489c0e94963f89ab24ceab682da063207

Sharing

Copy URL

Twitter E-mail

General

Target

aa8704ce28036a267019c5923227f1b489c0e94963f89ab24ceab682da063207
Size

26KB
MD5

7253cd825ff74cb5279b7ec1f4e77571
SHA1

f0f3d3d892bc3fe7492d645ce378053f75355588
SHA256

aa8704ce28036a267019c5923227f1b489c0e94963f89ab24ceab682da063207
SHA512

e5f7b4dcf4566e35606675aec212ca556b31a9fc0cab420c73fa48f1948a877140027fbfeb5dd66b736346522651b775c828fe060d5bbae400928d8caf6e1c9e
SSDEEP

384:gGJHjz9NNKBDFS1o7DNXF0p7obB6XU0t5nnbQ7QjYJuilSsDTbyXoSRu:gGJH7IBDFScXMKWZnqDSW6Pu

Score

N/A

Malware Config

Signatures

Files

aa8704ce28036a267019c5923227f1b489c0e94963f89ab24ceab682da063207
.exe windows x86

e1b5faaca26f515235c6be770e9f2255

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

gdi32

GetObjectA
SaveDC
SetTextColor
CreateSolidBrush
CreateCompatibleDC
RestoreDC
BitBlt
DeleteObject
SetViewportOrgEx
CreateFontIndirectA
ModifyWorldTransform
GetDeviceCaps
GetTextMetricsA
SelectObject
DeleteDC
DPtoLP
ExtTextOutA
SetBkColor
SetWindowOrgEx
SetGraphicsMode

user32

SetDlgItemTextA
MsgWaitForMultipleObjects
SendDlgItemMessageA
EnableWindow
GetDlgItem
GetClientRect
SendMessageA
GetDC
IsWindow
GetWindowLongA
PeekMessageA
ShowWindow
IsDlgButtonChecked
ReleaseDC
CharUpperA
SetWindowPos
GetWindowTextA
CheckDlgButton
GetSysColor
EndDialog
IsDialogMessageA
GetWindowRect
CreateDialogParamA
SetWindowTextA
TranslateMessage
SetWindowLongA
DispatchMessageA
LoadBitmapA
DestroyWindow
wsprintfA
CharPrevA
DestroyIcon
InvalidateRect
LoadImageA
LoadStringA
DrawTextA
MessageBoxA
DialogBoxParamA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegEnumValueA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA

ntdll

NtAddAtom

kernel32

DeleteCriticalSection
CreateThread
InitializeCriticalSection
GetDiskFreeSpaceA
HeapFree
GetProcessHeap
lstrcmpiA
lstrlenA
SetEvent
CreateEventA
lstrcatA
lstrcmpA
InterlockedDecrement
DisableThreadLibraryCalls
LocalFree
CreateFileA
CloseHandle
HeapReAlloc
LocalAlloc
InterlockedIncrement
lstrcpynA
VirtualAlloc
lstrcpyA
FreeLibrary
HeapAlloc
GetWindowsDirectoryA
HeapSize
GetModuleHandleA
GetProcAddress
GetModuleFileNameA
GetTickCount
LoadLibraryA

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

advpack

RegInstall

atl

AtlMarshalPtrInProc

Sections

.textbss
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1b5faaca26f515235c6be770e9f2255

Headers

File Characteristics

Imports

version

gdi32

user32

advapi32

ntdll

kernel32

ole32

advpack

atl

Sections

.textbss Size: - Virtual size: 96KB

.text Size: 512B - Virtual size: 428B

.idata Size: 23KB - Virtual size: 23KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 216B

.textbss
Size: - Virtual size: 96KB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 23KB - Virtual size: 23KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 216B