f125873885f50d6c1cfefdcc3b84d2c68c9bc9c6f513070c7fb5aae46736b946

General

Target

f125873885f50d6c1cfefdcc3b84d2c68c9bc9c6f513070c7fb5aae46736b946
Size

294KB
MD5

52cd870cdb75b1e417177c359bc81a5d
SHA1

24a6e410e73946d6716d8502f1bbe73c881291fa
SHA256

f125873885f50d6c1cfefdcc3b84d2c68c9bc9c6f513070c7fb5aae46736b946
SHA512

9f79823fd7c814be59b6bab7b2641ec0aefb457ec977fb9ecc728214078aa124197aaaec00ed3726bd58a3440c288df8f90951cb32a4cffc849d14f3c81be9bd
SSDEEP

6144:T4Byd0kJEobOJwu3T+2nivi1m007afYvFyaCemeadLK6UU:TAoqFrnihMYv0aCemhKI

Score

N/A

Malware Config

Signatures

Files

f125873885f50d6c1cfefdcc3b84d2c68c9bc9c6f513070c7fb5aae46736b946
.exe windows x86

f696b06a2acdeb40fd80d5dc9e689c3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantTimeToSystemTime
VariantInit
SysFreeString
VariantChangeType

ole32

StringFromGUID2

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

UnhandledExceptionFilter
GetTimeFormatA
RaiseException
IsDebuggerPresent
GetModuleHandleA
GetDateFormatA
GetThreadLocale
FreeLibrary
WideCharToMultiByte
IsProcessorFeaturePresent
FormatMessageW
lstrlenA
LoadLibraryExW
SetUnhandledExceptionFilter
GetModuleHandleW
GetSystemTimeAsFileTime
GetPrivateProfileStringA
GetCurrentThreadId
LoadLibraryW
VirtualAllocEx

user32

LoadStringW
GetWindowTextA
MessageBoxA

shlwapi

SHQueryValueExA
PathIsUNCW
StrToIntExA
PathGetCharTypeW
PathMakeSystemFolderW
PathParseIconLocationA
UrlCreateFromPathW
PathSearchAndQualifyW
PathRemoveFileSpecA
PathMatchSpecW
SHLoadIndirectString
StrSpnW
UrlUnescapeW
SHRegSetPathA
SHRegGetPathA
StrRChrA
SHSkipJunction
UrlCombineA
PathFindExtensionW
SHRegQueryUSValueA
UrlCompareA
SHQueryValueExW
StrChrW

kbdmon

KbdLayerDescriptor

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f696b06a2acdeb40fd80d5dc9e689c3a

Headers

File Characteristics

Imports

oleaut32

ole32

advapi32

kernel32

user32

shlwapi

kbdmon

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 256KB - Virtual size: 3.3MB

.rdata Size: 2KB - Virtual size: 373KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 256KB - Virtual size: 3.3MB

.rdata
Size: 2KB - Virtual size: 373KB

.rsrc
Size: 18KB - Virtual size: 18KB