aa36515230ec2efb6c527b878b686fea5a171acd01559f4caa11fae8ca64bf64

Sharing

Copy URL

Twitter E-mail

General

Target

aa36515230ec2efb6c527b878b686fea5a171acd01559f4caa11fae8ca64bf64
Size

125KB
MD5

e055da03b70febf2e02c774f6af23682
SHA1

f6005bdb1b8cc1ebf2ddc5b2d4024b1b5f7eafa8
SHA256

aa36515230ec2efb6c527b878b686fea5a171acd01559f4caa11fae8ca64bf64
SHA512

38fd2e17c0cd0a25a3e1e81dd8d2baf81ba0883d45273a68beaab363925fea5bbed6f76a5020ba348be47bd260aa7d0998b082feaf261b4e70e819429f3cd3cf
SSDEEP

3072:DyRNW4OBKvj9NJt1rfL2B2oHTKz7VJpeZIW6jUfQGT:hKvj9Trfana7VJpeaWVYy

Score

N/A

Malware Config

Signatures

Files

aa36515230ec2efb6c527b878b686fea5a171acd01559f4caa11fae8ca64bf64
.exe windows x86

9736583f4b58922abccd7104a38b988c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_strlwr
atoi
_initterm
bsearch
__set_app_type
_rotr
?terminate@@YAXXZ
_rotl
wcsncpy
_c_exit
__p__fmode
strstr
__p__commode
__setusermatherr
isalpha
time
wcspbrk
_finite
_snwprintf
strtok
__p__iob
__p__osver

ole32

CoRevertToSelf
OleInitialize
CoSetProxyBlanket
CoCreateGuid
OleRegGetUserType
CoCreateInstanceEx
CreateBindCtx
ProgIDFromCLSID
StringFromIID
CoInitializeEx
CoCreateInstance

comdlg32

ChooseColorW
PageSetupDlgA
FindTextW
GetOpenFileNameA
GetOpenFileNameW
PrintDlgA
ChooseColorA
PrintDlgExW
GetSaveFileNameW
PrintDlgW

advapi32

RegEnumKeyW
CryptDestroyKey
RegDeleteKeyA
QueryServiceConfigW
GetSecurityDescriptorControl
GetSidSubAuthority
IsValidAcl
RegEnumKeyA
GetAclInformation
RegQueryValueExW
OpenThreadToken
RegFlushKey
RegEnumKeyExA
RegDeleteKeyW
LsaOpenPolicy
GetUserNameW
GetLengthSid
SetSecurityDescriptorGroup
RegCreateKeyW
LsaQueryInformationPolicy
RegEnumValueW
IsValidSid

kernel32

LockResource
VirtualAlloc
GetModuleHandleW
LoadResource
SystemTimeToFileTime
GetCurrentProcessId
GetCurrentThreadId
OutputDebugStringA
GetStringTypeW
ResumeThread
ExpandEnvironmentStringsW
ExitProcess
HeapSize

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 39KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9736583f4b58922abccd7104a38b988c

Headers

File Characteristics

Imports

msvcrt

ole32

comdlg32

advapi32

kernel32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 39KB - Virtual size: 154KB

.idata Size: 41KB - Virtual size: 41KB

.reloc Size: 512B - Virtual size: 492B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 39KB - Virtual size: 154KB

.idata
Size: 41KB - Virtual size: 41KB

.reloc
Size: 512B - Virtual size: 492B