cf42308349c67da2ca92cf679ec0a56b3aa1a3e78da7904bde41f8530316ecff

Sharing

Copy URL Twitter E-mail

General

Target

cf42308349c67da2ca92cf679ec0a56b3aa1a3e78da7904bde41f8530316ecff
Size

111KB
MD5

5a817bcbf5a0c16fd60afb902e41ac60
SHA1

06b18235c44dc5404150c7340b8f88e465504280
SHA256

cf42308349c67da2ca92cf679ec0a56b3aa1a3e78da7904bde41f8530316ecff
SHA512

7959dbf99044de9d40874f552e863816dfb06b78cbf2a59223163c5630cba21595b038ebc303233c634ece918271bbba0aa7a06eb1ae54a582fac7f3b6f4637c
SSDEEP

1536:Ifm4FEctf8fz3OG6PYovnWaonzbk+hnez5tV6tDujSTbb9UsvH9j4:Dxfz3O1PVnHG82nK/UtDu2TFUsv9j4

Score

N/A

Malware Config

Signatures

Files

cf42308349c67da2ca92cf679ec0a56b3aa1a3e78da7904bde41f8530316ecff
.exe windows x86

588948937a5aa3cefd74674d1350a059

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetUserDefaultLCID
GetThreadLocale
GetStartupInfoA
LCMapStringW
VirtualAlloc
SetErrorMode
VirtualProtect
GetModuleFileNameW
WaitForMultipleObjects
ExpandEnvironmentStringsA
GetModuleHandleA
InterlockedIncrement
SetFilePointer

user32

DrawMenuBar
ReleaseCapture
GetMenuState
EnableWindow
CharNextA
GetMenuStringA
IsChild
GetSystemMenu
GetSysColorBrush
InvalidateRect
ShowCursor
GetCapture
EndPaint
GetSysColor
DrawEdge

msvcrt

__setusermatherr
exit
_adjust_fdiv
strlen
__getmainargs
_filelengthi64
_acmdln
__p__fmode
fread
fsetpos
sqrt
__set_app_type
_wfopen
_initterm
_XcptFilter
_except_handler3
__p__commode

comctl32

CreateToolbarEx
DestroyPropertySheetPage
ImageList_Create
PropertySheetW
ImageList_EndDrag
ImageList_DrawEx
ImageList_DragLeave
ImageList_GetIcon

shell32

SHGetDiskFreeSpaceExW
SHGetPathFromIDList
ShellExecuteExA
ExtractIconA
SHGetFileInfo
SHBindToParent
ShellExecuteW
SHGetSpecialFolderPathW
ShellExecuteExW
DragFinish

oleaut32

LoadTypeLib
GetErrorInfo
VariantCopy
SafeArrayGetUBound
CreateErrorInfo
SysAllocStringByteLen
SafeArrayCreate
VariantCopyInd
SafeArrayRedim

advapi32

CryptReleaseContext
CryptCreateHash
OpenServiceA
CryptGenRandom
RegQueryValueA
SetSecurityDescriptorDacl
AdjustTokenPrivileges
InitializeSecurityDescriptor

ole32

CoInitializeSecurity
CoRegisterMessageFilter
RevokeDragDrop
CoInitialize
CoInitializeEx
OleRun
CoDisconnectObject

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

588948937a5aa3cefd74674d1350a059

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

comctl32

shell32

oleaut32

advapi32

ole32

Sections

.text Size: 80KB - Virtual size: 80KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 80KB - Virtual size: 80KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB