b70a4f51784730559e592e17127e16a2276b3d8d2a5ad11cdf8e908248014001

Sharing

Copy URL Twitter E-mail

General

Target

b70a4f51784730559e592e17127e16a2276b3d8d2a5ad11cdf8e908248014001
Size

1.3MB
MD5

75c022d527c7ceef2750d9944cce47a1
SHA1

788b7966814de60dedc3ba3b78306f5357c4c66d
SHA256

b70a4f51784730559e592e17127e16a2276b3d8d2a5ad11cdf8e908248014001
SHA512

808eeb7014f72618bb0ff67d8839de87deebdd9702b5545ef8c50183fb244799ca0b9710de4d2c319fc6cba71930711a34f6ec57d332f1024069f0ac15be6351
SSDEEP

24576:uwQVtWzsXTyGpwFcKTKb3QHjCQyrxIFS1A3uf3e3WeP2cj42:FQrWzI0mbAH+Qox0CAefux2y

Score

N/A

Malware Config

Signatures

Files

b70a4f51784730559e592e17127e16a2276b3d8d2a5ad11cdf8e908248014001
.exe windows x86

8dbbad823c73c40017c3d17aae56bf4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiOutReset

ws2_32

htonl

kernel32

lstrlenA
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

AppendMenuA

gdi32

GetViewportExtEx

winspool.drv

DocumentPropertiesA

advapi32

RegEnumKeyA

shell32

Shell_NotifyIconA

ole32

CLSIDFromString

oleaut32

SysStringLen

comctl32

ImageList_Destroy

oledlg

ord8

comdlg32

GetFileTitleA

Exports

Exports

Ⱦ4$)��b�9�l527j��}��U�A�D��'2��U'@��v!�u�U��+XM倞#��@]ʬ�+<��y�#�ɮ�kM�]�'ҽ�P�4��-F�`n��$�ʅ��vɍF�H��/ [�>G< � �I�۱^E�$�:��n�i�6H��_��5]]a�>p��x�Z�?�(7f�_�dQ��I_h�w|Or?��/��7 MDy:6-��Vx�Ï��~�An7�Y.t*��Lz㠏#b� +PJ1��7�4�[�T��z^��KEH��S�L�L�rzX��]�!�ȐK��&�ɪ�j+�Ʃ�x�z��U�ƢUB�ݔ%�]9p��F�)��|M�ݓR��@v�p��'��ԩ#�O��ߐ�L3fݿ��p��_r�ypy��g��&�{��[9��-��9��Hk3W x)�dM�h��5��K�Oӷy� ��y�<`�:�|' J��4 ��aRG��m�%OZ%��M݈��G��~��Rhz`a5��"7��|��A�_M��h�D��Nmj=P(�N��6~�q:�`Kt�b]�$㱏��O�/�Y��RR\p8�{���<:�qj��\�%��;�9�V��c�� f��\Q�ݷů�ڲ �f��˝J��񒼿��Q�-E!��I��E:�St��F�s[5��i;n+��~��.��%��2�\��;��D�"�cĀ��C��K�Η��qMU�I�~89H�#��wi�#'q��A.��e�{);}��!�T�%5K\/�{ ]A��e�)�Y? �6��bx�󪬛��V��)p��"?�1��2�,pq��;�.��)�O~`,2͖z�|w?��JG#��4�Т<�FX��/��C��dq�L�>ƃA'�pr��)Ȯ�H�z{�X�MDt{�YD��9R��@pC��D��j��E�E'ir[��E4��B.�W�!�ϑW,�AOWy�f�~�F��|��Ab�?4��۲��PPh��n�u ՁV�?�߿_�g3Ɵ.W��-��H��p��U�c��_q�!{��/1YY ��,d�_�.��2U�ߚ��wٕ�1�6:��O�.c#�e��G�� M��%��D�@ j�l�s��a�S�� | �(��P�fy�ؙ�6L��,{wў�B\Ss{qKAV�� &T{��.�=.\�.TW4�| W��)�_ģO�WC��O1bMm��܋�I$��9��f��2�G�>z��*Z��:`qJ��^q��X��8 +�V=�%f��#��>X+��Ȭ�4eF&�v�~��{�`j��f�5��|��!��X�[�r��=Ngx:8��+��E`��[��M͊#��߅�Dm��1'�_�Q��l��~�d�� P7�V�%�M�#�a��Y��\}Ð��+-��)� ]��i�,��Sn+a��y�%�^��G2~{��!?W�k��"J0]�.(�Mό v��͔X�'T��E�k��%:��t8Ϥ��#=�ʻ�� 6Ĩ�j&��Z��$�9e��hGj��6�B��c�<wY�� <sj��]lh:9'&��NWi� G^�#d2��ZM��0J@�Hc�rKk)��۔�%H�-�� ]r�� w'��;גG��J,,��O�M`��֒f_��=�� 73��I�**w�R#G�(y�C�Z�2Omy�t��Bd��.��4��P$# γ�P�9�n�TIY�[�S��=��&�79�Y�^b�/�~��YΓ��Yr��[K��]��:եXV��wޣ�Hp��yR�_��0��C$-�%��`�¬��K��N.%��ʟ�=�}?��-��~4�i h#H�?Hkt��k��d�d��F��c��iݣ��{b}m�p��g��K�Zx�|�y2��9��t �rH*�tq��ƅ=\�K�O{��w`L*im� �Qs��C�o�r�2J��L�[�� =i�9��sI!�z�"�@�nZ܋��U �8:��G��+XN|��hYK'B�+Gq��@ :E�k:��P��F|c�t� I]��#T��q��w#+��ژ:~�9��_8�� Na��(��T6��##1�&��wF)��lY\��f";��z�m��AH�pi��R�*y?l��wU��R�t�� a �LE��d��Ͼ��4��`BW�wP��y��U��;��_��/&��µ��_OKog;F�qҺ)��D@P��m��;Gcl�Ƣ/��C��2�$��l��쀖�p�ճ��Gx�-�(<�F�.cW�<͵��K�2�� 5��tc��'�0�2r%� Kݏ�V�M6 ��#��Tu��֚m��]�3��| 9�9..5(鱤F렘 ��N�U��q��q5�]J��>��s�./��6Wq4V��r��E��˓�B@߂��d/u�)c��y'��y�\�Y7�"!rV�k_��߻j|��P�F�D��g��S��8zw��nʉ��v6�ٟZ��g�#]m�#�#uX��T��3�#��Y @+�~��c�+7�W�S�⢴��z�*~��y��]��I��hN慔��p�Φ�~+��0�� ,�S�_�*yg0��Dރ��瀻�,f�Vl��S%X��7��x_�w��V��w�]帻Q�0��i#�7��A~κ`z�`a�V�` z�"��P4g9A�C��@��]N��wJ|�݁��W��\ʈ9�=�[xɩ斱��yz1ڴ�+GA~HS7�cd�|��c x�ە��ʋ�+`�h�8��!(< ]��Ɠ=8�6��מ{

Sections

.text
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.tls
Size: 4KB - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8dbbad823c73c40017c3d17aae56bf4c

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 2.0MB

.rdata Size: - Virtual size: 422KB

.data Size: - Virtual size: 374KB

.rsrc Size: 104KB - Virtual size: 116KB

.vmp0 Size: - Virtual size: 370KB

.tls Size: 4KB - Virtual size: 24B

.vmp1 Size: 1.2MB - Virtual size: 1.2MB

.text
Size: - Virtual size: 2.0MB

.rdata
Size: - Virtual size: 422KB

.data
Size: - Virtual size: 374KB

.rsrc
Size: 104KB - Virtual size: 116KB

.vmp0
Size: - Virtual size: 370KB

.tls
Size: 4KB - Virtual size: 24B

.vmp1
Size: 1.2MB - Virtual size: 1.2MB