d89949f617ab3a5f814d695dfaf03bec6450300cccd14066733852ec6135aa06

Sharing

Copy URL Twitter E-mail

General

Target

d89949f617ab3a5f814d695dfaf03bec6450300cccd14066733852ec6135aa06
Size

351KB
MD5

7f5a5a7825b66a6c1adf51ab40c18525
SHA1

1bf2a4eebcf85a2854623b524a70983792551d21
SHA256

d89949f617ab3a5f814d695dfaf03bec6450300cccd14066733852ec6135aa06
SHA512

02de2759fa604536289f52cabbac224bcce0eae18293cd1e790adccee1e3abae956949efe8ed3533fed3173847e108e11be7cc05e8061fc10b20847ff04b58b0
SSDEEP

6144:fGaq9tm8DJvH44GVs28KAC+uF6cjxUIhBg1kO2:uaEtFvYHVstK/F6cj5/EkO2

Score

N/A

Malware Config

Signatures

Files

d89949f617ab3a5f814d695dfaf03bec6450300cccd14066733852ec6135aa06
.exe windows x86

53883cf61069924e795137797cb35fa9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyA
RegDeleteKeyW
RegEnumKeyA
RegOpenKeyW
RegQueryInfoKeyA
RegOpenKeyA
RegDeleteValueA
RegEnumKeyExW
RegOpenKeyExA
RegLoadKeyA
RegQueryValueExA
RegQueryInfoKeyW
RegCreateKeyW
RegEnumValueW
RegDeleteKeyA
RegGetKeySecurity
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExA
RegReplaceKeyW

kernel32

ReadConsoleA
GetCPInfo
Sleep
OpenFile
GetComputerNameA
DeleteAtom
GetLastError
FindFirstFileA
ExitThread
CopyFileA
GetCommandLineA
WriteFile
SetLastError
GetStdHandle
CreateDirectoryA
CopyFileW
CreateThread
WriteFile
GetConsoleMode
OpenFile
GetStdHandle
GetCommandLineA
GetFileSize
CreateProcessA
GetLastError
DeleteFileW
OpenFileMappingA
SetLastError
GetFileTime
FindAtomA
CreateDirectoryA
CopyFileA
GlobalFree
GetCPInfo
DeleteAtom
ExitThread
CopyFileW
Sleep

user32

AlignRects
GetDlgItem
DrawTextW
InsertMenuA
LoadMenuA
GetDC
DrawTextA
CreateIcon
GetWindowTextA
CalcMenuBar
DialogBoxParamA
IsWindow
CopyImage
GetMenu
AppendMenuA
DialogBoxParamW
CloseWindow
LoadCursorA

comctl32

ImageList_Copy
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_AddIcon
ImageList_Draw
ImageList_GetImageRect
ImageList_GetImageCount
ImageList_Read
ImageList_BeginDrag
ImageList_Destroy
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_Remove
ImageList_EndDrag
ImageList_GetIcon
ImageList_LoadImageA
ImageList_Replace
InitCommonControls
ImageList_DrawIndirect
ImageList_GetDragImage
ImageList_LoadImageW
ImageList_DrawEx
ImageList_GetDragImage
InitCommonControls
ImageList_DragShowNolock
ImageList_LoadImage
ImageList_Copy
ImageList_GetIconSize
ImageList_DragMove
ImageList_GetIcon
ImageList_DragEnter
ImageList_Replace
ImageList_ReplaceIcon
ImageList_Read
ImageList_LoadImageA
ImageList_Create
ImageList_Remove
ImageList_LoadImageW
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_DrawIndirect
ImageList_GetImageRect
ImageList_Replace
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_EndDrag
ImageList_DragMove
InitCommonControls
ImageList_GetImageCount
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_Draw
ImageList_DragLeave
ImageList_Remove
ImageList_Merge
ImageList_ReplaceIcon
ImageList_GetImageRect
ImageList_Create
ImageList_DrawEx
ImageList_DragEnter
ImageList_GetIcon
ImageList_GetDragImage

gdi32

SetTextColor
CancelDC
GetBitmapBits
GetDCOrgEx
CloseFigure
ExcludeClipRect
DeleteDC
GetBrushOrgEx
AddFontResourceExA
CloseMetaFile
ExtTextOutA
BitBlt
BeginPath
CloseFigure
ClearBrushAttributes
CloseMetaFile
AbortPath
CancelDC
AddFontResourceA
RestoreDC
GetClipBox
AddFontResourceW

shell32

DragFinish
CommandLineToArgvW
SHDefExtractIconA
CheckEscapesA
DragQueryFileAorW
DllGetVersion
ExtractIconExA
FreeIconList
SHChangeNotifyRegister

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 271B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 249B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53883cf61069924e795137797cb35fa9

Headers

File Characteristics

Imports

advapi32

kernel32

user32

comctl32

gdi32

shell32

Sections

.text Size: 28KB - Virtual size: 28KB

.data Size: 315KB - Virtual size: 314KB

.bbs Size: - Virtual size: 279KB

.idata Size: 5KB - Virtual size: 4KB

.tls Size: - Virtual size: 271B

.rdata Size: 512B - Virtual size: 249B

.rsrc Size: 1024B - Virtual size: 184KB

.text
Size: 28KB - Virtual size: 28KB

.data
Size: 315KB - Virtual size: 314KB

.bbs
Size: - Virtual size: 279KB

.idata
Size: 5KB - Virtual size: 4KB

.tls
Size: - Virtual size: 271B

.rdata
Size: 512B - Virtual size: 249B

.rsrc
Size: 1024B - Virtual size: 184KB