a8f76cb33be3d555c7520c6f8f5681bbf045831f79bd90485a991acb8529bd4b

Sharing

Copy URL Twitter E-mail

General

Target

a8f76cb33be3d555c7520c6f8f5681bbf045831f79bd90485a991acb8529bd4b
Size

133KB
MD5

c5711738661491a6ba82e966ce6b357a
SHA1

1cc71b59436e49079dbff1843e16d8d385854daa
SHA256

a8f76cb33be3d555c7520c6f8f5681bbf045831f79bd90485a991acb8529bd4b
SHA512

86926a49c000ea47801dc3d28351d7b0cae5df1dc47f5ad079eeeea8050c30ceebd185896437841198b58e215df9561a3969b0c5783d7458dd8ad11e801c1add
SSDEEP

3072:BRpDwFHJWZJzp8bzHtM5uFetvGXVoaFuI1uTmXNups:Xp0Ma65u0tvGiXTqN1

Score

N/A

Malware Config

Signatures

Files

a8f76cb33be3d555c7520c6f8f5681bbf045831f79bd90485a991acb8529bd4b
.exe windows x86

902f2ab6a61a75446815c3f6dc9444d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

RtlUnwind
QueryPerformanceCounter
VirtualFree
GetPrivateProfileStringA
TerminateProcess
CompareFileTime
GetStringTypeExA
VirtualProtect
GetStartupInfoA
GlobalLock
GetVersion
GetModuleHandleA
GetVersionExA

msvcrt

_isctype
__set_app_type
_adjust_fdiv
wcstombs
__p__commode
puts
_initterm
_controlfp
_dup
localtime
_acmdln
__getmainargs
log10
__p__fmode
_XcptFilter
sqrt
__setusermatherr
_except_handler3
exit

user32

GetClassInfoA
GetDCEx
ReleaseCapture
ShowOwnedPopups
GetMenu
IsZoomed
SetWindowLongA
CheckMenuItem
DeleteMenu
GetMessagePos
SetScrollPos
DestroyCursor
TranslateMessage
LoadBitmapA
InvalidateRect
IsChild

comctl32

ImageList_GetIcon
ImageList_BeginDrag
InitCommonControls
ImageList_DragEnter
CreatePropertySheetPageA
CreateToolbarEx

gdi32

GetDIBits
StrokeAndFillPath
GetTextExtentPointA
EnumFontsA
GetPaletteEntries
GetNearestPaletteIndex
OffsetWindowOrgEx
Rectangle

version

VerLanguageNameA
VerQueryValueW
GetFileVersionInfoW
VerFindFileW

shell32

SHGetFolderPathA
ExtractAssociatedIconW
SHGetPathFromIDList
ShellExecuteEx
DragQueryFileW
DragQueryFile
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragAcceptFiles
SHBrowseForFolderW
ShellExecuteExW
SHAppBarMessage
SHCreateDirectoryExW
SHFileOperationA
SHGetMalloc

ole32

IsAccelerator
CoDisconnectObject
GetRunningObjectTable
ProgIDFromCLSID
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CreateItemMoniker
CoTaskMemFree
CoInitialize
RegisterDragDrop

advapi32

RegEnumKeyW
RegSetValueExW
SetSecurityDescriptorGroup
CryptGenRandom
CheckTokenMembership
CryptDestroyHash
GetTokenInformation
RegOpenKeyExA

oleaut32

GetActiveObject
SysReAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SafeArrayGetElement
SafeArrayPutElement
SafeArrayPtrOfIndex

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

902f2ab6a61a75446815c3f6dc9444d7

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

comctl32

gdi32

version

shell32

ole32

advapi32

oleaut32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 95KB - Virtual size: 95KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 95KB - Virtual size: 95KB