83b476f8eeb4018311bd48be8be69751f8e477f98c97d29edd7a310d295cd864

Sharing

Copy URL

Twitter E-mail

General

Target

83b476f8eeb4018311bd48be8be69751f8e477f98c97d29edd7a310d295cd864
Size

185KB
MD5

431c6157293218563f89c0ff3b974a46
SHA1

3183a6bbef0a2d8a5a32fec9c54f766253ab4cf1
SHA256

83b476f8eeb4018311bd48be8be69751f8e477f98c97d29edd7a310d295cd864
SHA512

f675cd55de3c5e6d95603c7e8cdafbdcae18fb0f8644e8a584960b147e1678a32c5ec0ae943029b8ed262f1e4484ae325bd7c7cec50c9eecc1e1e7ad99fcd786
SSDEEP

3072:JZ9UoFYyqlt9ZmHr04eSZnLEzY0OBJz8E9UJuntlNFTM:DPYJbeLDpZh0OBJIkcut7

Score

N/A

Malware Config

Signatures

Files

83b476f8eeb4018311bd48be8be69751f8e477f98c97d29edd7a310d295cd864
.exe windows x86

35a5e56c53771e638bc13be01bdac502

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegLoadKeyA

ole32

PropVariantClear
ReleaseStgMedium
StgCreateDocfileOnILockBytes
CLSIDFromString

oleaut32

SafeArrayUnaccessData
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysFreeString
SafeArrayCreate
VariantChangeType
SysReAllocStringLen
VariantCopyInd
OleLoadPicture
SysAllocStringLen

msvcrt

asin
tolower
atan
memset
mbstowcs
strlen
memcmp
pow
memcpy
memcmp

version

VerInstallFileA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

shell32

SHFileOperationA
SHGetDiskFreeSpaceA

kernel32

GetCommandLineA
GetModuleHandleA
LoadLibraryExA
GetLastError
GetProcAddress
IsBadHugeReadPtr
ExitProcess
lstrlenA
Sleep
VirtualAlloc
ExitThread
CloseHandle
VirtualAllocEx

comctl32

ImageList_Write
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Draw
ImageList_Add
ImageList_Destroy
ImageList_Create
ImageList_GetBkColor
ImageList_Remove
ImageList_Read

gdi32

SaveDC
CreateFontIndirectA
GetClipBox
SelectObject
GetPixel

user32

AdjustWindowRectEx
BeginPaint
CallNextHookEx

shlwapi

SHGetValueA
SHQueryInfoKeyA
PathIsContentTypeA
SHEnumValueA
PathFileExistsA
SHDeleteKeyA
SHStrDupA
PathIsDirectoryA
SHDeleteValueA

comdlg32

ChooseColorA

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 1024B - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35a5e56c53771e638bc13be01bdac502

Headers

File Characteristics

Imports

advapi32

ole32

oleaut32

msvcrt

version

shell32

kernel32

comctl32

gdi32

user32

shlwapi

comdlg32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 1024B - Virtual size: 88KB

.data Size: 8KB - Virtual size: 7KB

.fdata Size: 1024B - Virtual size: 670B

.cdata Size: 123KB - Virtual size: 122KB

.bdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 980B

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 1024B - Virtual size: 88KB

.data
Size: 8KB - Virtual size: 7KB

.fdata
Size: 1024B - Virtual size: 670B

.cdata
Size: 123KB - Virtual size: 122KB

.bdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 980B