ff0e7273c4275e8be7fedfd048dc080e4f5e00033e6999163f80e32110394ca8

Sharing

Copy URL Twitter E-mail

General

Target

ff0e7273c4275e8be7fedfd048dc080e4f5e00033e6999163f80e32110394ca8
Size

104KB
MD5

a83790584782cbd8ff894979b20e44d8
SHA1

8145f6bce8ad568853e6a18a4ea443c654677db7
SHA256

ff0e7273c4275e8be7fedfd048dc080e4f5e00033e6999163f80e32110394ca8
SHA512

960837a1c7b2cab27e61eec23f2b853ecf4b1b5b720dadf769c64348d13efa8bd9fefce7d5021730b42fd0ff9bdff24a50f3d3bf02ef10dd8c306e35bd593ab2
SSDEEP

1536:4lTGXxYeT/3hIGvMSHXClbC0pI+YMGFM2BJgP2TXksvY3byWwxmQG67pc+N5GzPU:9xTPpUFbC0mDOT2TXS3RRk1c+jG7c

Score

N/A

Malware Config

Signatures

Files

ff0e7273c4275e8be7fedfd048dc080e4f5e00033e6999163f80e32110394ca8
.exe windows x86

e250bfe0f4815dd01935a9261617b688

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetFileAttributesA
FileTimeToDosDateTime
lstrcmpA
GetACP
GetTimeZoneInformation
GetTickCount
DeleteFileA
GetSystemDefaultLCID
WaitForMultipleObjects
GetCurrentThreadId
GetNumberFormatA
ExpandEnvironmentStringsA
InterlockedExchange
GetTempPathA
GetFileTime
MulDiv
SetThreadLocale
GetWindowsDirectoryA

msvcrt

_exit
__getmainargs
memcpy
fputc
strchr
atoi
_controlfp
calloc
__setusermatherr
__p__commode
fopen
_adjust_fdiv
strncpy
_initterm
__dllonexit
fwrite
_setmode
_except_handler3
_XcptFilter
wcslen
abort
_iob
sinh
free
__p__fmode
__set_app_type
__p___initenv

comdlg32

GetOpenFileNameA

user32

SetDlgItemTextA
RegisterWindowMessageA
SetFocus
LoadBitmapA
LoadIconA
IntersectRect
InvalidateRect
WindowFromPoint
LoadCursorA
DestroyMenu

ole32

CoTaskMemRealloc
CoCreateGuid
CoInitialize
StgOpenStorageOnILockBytes
CoUninitialize
RegisterDragDrop
CreateStreamOnHGlobal
OleUninitialize

comctl32

ImageList_Destroy
ImageList_DragShowNolock
ImageList_BeginDrag
ImageList_SetOverlayImage
ImageList_GetIconSize
ImageList_GetBkColor
CreateStatusWindowA
ImageList_LoadImageA
CreateToolbarEx
ImageList_DragLeave
InitializeFlatSB

gdi32

GetTextExtentPoint32W
AbortDoc
Polyline
CreateDIBSection
CopyMetaFileW
GetEnhMetaFilePaletteEntries
LineDDA
PtVisible
GetOutlineTextMetricsA
GetCurrentObject
FrameRgn
SetDIBits
StretchDIBits
SetTextJustification
CreateFontIndirectW

advapi32

RegSetValueExW
OpenServiceA
OpenServiceW
CryptReleaseContext
RegCreateKeyExW
InitializeAcl
CheckTokenMembership
RegDeleteKeyA
SetSecurityDescriptorGroup
RegEnumKeyW
RegQueryValueExA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e250bfe0f4815dd01935a9261617b688

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

ole32

comctl32

gdi32

advapi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 38KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 38KB

.rsrc
Size: 29KB - Virtual size: 29KB