f8e131e2bcd83f9b47a4cb3929453f0f86a5ef3d4be563d648e0522094aeda19

Sharing

Copy URL Twitter E-mail

General

Target

f8e131e2bcd83f9b47a4cb3929453f0f86a5ef3d4be563d648e0522094aeda19
Size

105KB
MD5

0e8d4393b2b8fb7e07a8603422602c01
SHA1

93e107f08d5f2bd57f1cdacd27cd4d36bd24e351
SHA256

f8e131e2bcd83f9b47a4cb3929453f0f86a5ef3d4be563d648e0522094aeda19
SHA512

977bb2d2ab5a78b4fbb02f992848d0ceda99f4350522de35b55431813c3d96ea68c58ff40ae8138536110428caceea7681cee931bebb1ab47285e1a5ceb6b434
SSDEEP

3072:2e8khupINrn696du0oxRvFBiC2jo4ILGGTMO2m:T8kaI1V8nvF8n8OGT95

Score

N/A

Malware Config

Signatures

Files

f8e131e2bcd83f9b47a4cb3929453f0f86a5ef3d4be563d648e0522094aeda19
.exe windows x86

e84472a4976766759e64328ea5f03c86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
GetFullPathNameA
GetEnvironmentStrings
lstrcmpA
GetCurrentProcess
VirtualFree
UnhandledExceptionFilter
GlobalReAlloc
GetNumberFormatA
GetCurrentThreadId
IsBadWritePtr
WideCharToMultiByte

msvcrt

_onexit
_strnicmp
strrchr
calloc
__setusermatherr
__p__fmode
_XcptFilter
fflush
__p__commode
__p___initenv
__set_app_type
_adjust_fdiv
atoi
_cexit
strcpy
_exit
_initterm
memset
sinh
_except_handler3
_setmode
_controlfp
free
__getmainargs

comdlg32

GetOpenFileNameA

user32

DestroyCursor
KillTimer
IntersectRect
GetCursorPos
CreateWindowExA
GetKeyboardType
SendMessageA
RemovePropA
SetDlgItemTextA

comctl32

ImageList_Write
ImageList_Create
ImageList_SetDragCursorImage
PropertySheetW
ImageList_Destroy
CreateToolbarEx
ImageList_GetIcon
ImageList_DragLeave
ImageList_Replace
ImageList_GetImageCount
ImageList_AddMasked
PropertySheetA
ImageList_LoadImageA

gdi32

GetTextExtentPoint32W
SetWindowOrgEx
EnumFontFamiliesW
ExtCreatePen
CreateBrushIndirect
GetPixel
PlayMetaFileRecord
GetTextExtentPointA
GetClipRgn
Polygon
SetRectRgn
SetTextAlign
RectVisible
Rectangle
CreateDCA

advapi32

RegEnumValueA
AddAccessAllowedAce
CheckTokenMembership
CloseServiceHandle
RegQueryValueA
CryptCreateHash
OpenThreadToken
InitiateSystemShutdownA
RegCreateKeyA
RevertToSelf
CryptReleaseContext
RegCreateKeyExA
RegQueryValueExW
RegEnumKeyW
InitializeSecurityDescriptor

ole32

CoRegisterClassObject
StringFromCLSID
RevokeDragDrop
CoDisconnectObject
CLSIDFromString
OleIsCurrentClipboard
OleInitialize
CreateILockBytesOnHGlobal
OleSetMenuDescriptor
StringFromGUID2
CoRegisterMessageFilter

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e84472a4976766759e64328ea5f03c86

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

comctl32

gdi32

advapi32

ole32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 38KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 38KB

.rsrc
Size: 28KB - Virtual size: 27KB