a091c0fbcf5a7100a7cb3053a84c72fd358f10a1e0ddf1438d87dc35345d7eb8

Sharing

Copy URL Twitter E-mail

General

Target

a091c0fbcf5a7100a7cb3053a84c72fd358f10a1e0ddf1438d87dc35345d7eb8
Size

148KB
MD5

44fc9f57cc37a87ca421c597c913395a
SHA1

fb07c0f1f681ee5492694276f8618d3db5734f8c
SHA256

a091c0fbcf5a7100a7cb3053a84c72fd358f10a1e0ddf1438d87dc35345d7eb8
SHA512

8590b40d59c00a9bbd0c99ddb2b76d962895d188fbed610f560a3ddbce0ca9684158f2f690a135435a0217a31bb7e979cb547bb6117ea84d247d522dd76d7349
SSDEEP

3072:MJZ1oKBMglN76Q/oGfZfPhW34RLH6oPSRXtW1S7UmacXK:q6WbZn8WLDPUXtf7UT

Score

N/A

Malware Config

Signatures

Files

a091c0fbcf5a7100a7cb3053a84c72fd358f10a1e0ddf1438d87dc35345d7eb8
.exe windows x86

4ab3cc020dab0f250cc8a607943e8d11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_except_handler3
_beginthreadex
exit
_initterm
__p__commode
_open
_kbhit
__setusermatherr
__set_app_type
_mbscmp
__p__fmode
clearerr
log10
_adjust_fdiv
_acmdln
_XcptFilter
_controlfp
__getmainargs

kernel32

SystemTimeToFileTime
GetConsoleOutputCP
DeviceIoControl
GetStartupInfoA
GetCPInfo
GetExitCodeProcess
RtlUnwind
LocalAlloc
GetOEMCP
GetVersion
GetModuleHandleA
GetCommandLineW
SetErrorMode
LocalFree
GetLocaleInfoA
VirtualProtect
GetSystemDirectoryA

oleaut32

LoadTypeLib
VariantInit
SafeArrayCreate
SafeArrayPtrOfIndex
SysStringLen
SafeArrayGetElement
CreateErrorInfo
SetErrorInfo
SysStringByteLen
SysReAllocStringLen
SafeArrayUnaccessData
SysFreeString

gdi32

DeleteMetaFile
GetBitmapBits
GetMetaFileBitsEx
SetAbortProc
StrokePath
CopyMetaFileA
SetWindowExtEx
StartPage
GetStretchBltMode
CreateBitmap

comctl32

ImageList_Add
InitCommonControls
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_SetBkColor
ImageList_GetBkColor
CreateToolbarEx
ImageList_Create

advapi32

RegDeleteValueA
RegQueryValueA
CryptHashData
CryptAcquireContextA
CloseServiceHandle
RegEnumValueA
SetSecurityDescriptorDacl
RegDeleteKeyA
QueryServiceStatus
RegCreateKeyExA
LookupPrivilegeValueA

ole32

CoInitialize
CreateBindCtx
ReleaseStgMedium
CoRegisterClassObject
ProgIDFromCLSID
PropVariantClear
OleSetClipboard
DoDragDrop
CoSetProxyBlanket
CoRevokeClassObject

shell32

SHGetDesktopFolder
ExtractIconExW
ExtractIconW
ShellExecuteW
ExtractIconA

user32

TranslateMessage
InsertMenuA
SetCapture
UnhookWindowsHookEx
RegisterClassA

version

VerFindFileW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerInstallFileA
VerQueryValueW
GetFileVersionInfoW
VerInstallFileW
GetFileVersionInfoA

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ab3cc020dab0f250cc8a607943e8d11

Headers

File Characteristics

Imports

msvcrt

kernel32

oleaut32

gdi32

comctl32

advapi32

ole32

shell32

user32

version

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 112KB - Virtual size: 112KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 112KB - Virtual size: 112KB