8a5dc3515b4f8647739111667fcf90d5c2b2d0233d9c63922a688dafe7454814

Sharing

Copy URL Twitter E-mail

General

Target

8a5dc3515b4f8647739111667fcf90d5c2b2d0233d9c63922a688dafe7454814
Size

145KB
MD5

f1e015c88454722d3e2149f38707ac0b
SHA1

d198d48e0fc9ebea4e6cd8a11863368fbddc14c0
SHA256

8a5dc3515b4f8647739111667fcf90d5c2b2d0233d9c63922a688dafe7454814
SHA512

68f662c1188ec504577e2bfcd75b75c74338cb39decf0331fab15bb393bc70ff54bb082163f026e733cd097c2e5e3d61fa74048c0c42d0fa79fbe0f338eb7f95
SSDEEP

3072:6tR8CvWx4zpyeRC5xwZmPwexXI7Ge6s0ILYL6:n0pTRC5KfeRHs0Ie6

Score

N/A

Malware Config

Signatures

Files

8a5dc3515b4f8647739111667fcf90d5c2b2d0233d9c63922a688dafe7454814
.exe windows x86

1206e315211dcb4eac3e080e5ace44e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCanonicalizeW
StrFormatKBSizeW
PathStripToRootW

shell32

ord716

kernel32

GetStartupInfoA
CreateTimerQueueTimer
CreateSemaphoreA
TlsSetValue
CancelDeviceWakeupRequest
EscapeCommFunction
GetLogicalDrives
GetProfileStringW
FileTimeToDosDateTime
SetProcessWorkingSetSize
LoadLibraryW
WaitForSingleObjectEx
CreateDirectoryW
lstrcpynA
CreateMutexA
lstrcmpiW
GetLogicalDriveStringsA
DisconnectNamedPipe
SetFileShortNameA

user32

EnumThreadWindows
GetDlgItemTextW
ScrollWindowEx
HiliteMenuItem
ShowScrollBar
LoadBitmapW
CascadeWindows
DragDetect
GetDC
IsCharUpperW
IsWindowEnabled
GetClipCursor
DlgDirSelectExA
CopyImage
SetForegroundWindow
DialogBoxIndirectParamW
MapVirtualKeyW
EnumPropsW
SwapMouseButton
DestroyAcceleratorTable
LockWorkStation
LoadMenuIndirectW
CopyAcceleratorTableA
DrawTextExW
TranslateMessage
SetRect
InvalidateRect
GetAltTabInfoA
PeekMessageW
GetRawInputDeviceInfoA
GetTabbedTextExtentA
GetMenuContextHelpId
EnableScrollBar
PostThreadMessageW
MessageBoxW
MapWindowPoints
DispatchMessageW
GetTopWindow
GetWindowRect

gdi32

GetTextExtentPointW
GetOutlineTextMetricsW
CreateBrushIndirect
SetPaletteEntries
GetCurrentObject
GetCharWidthI
Arc
ScaleWindowExtEx
SetLayout
EnumEnhMetaFile
AbortPath
ExtTextOutW
GetCharWidthA
RealizePalette

advapi32

BackupEventLogA
AreAllAccessesGranted
AddAccessDeniedObjectAce
DeleteAce
IsTextUnicode
GetCurrentHwProfileW

Exports

Exports

__GetPropW@12

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.extext
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bmem
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedat
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1206e315211dcb4eac3e080e5ace44e1

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.extext Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.bmem Size: 512B - Virtual size: 68B

.sedat Size: 1024B - Virtual size: 780B

.rsrc Size: 124KB - Virtual size: 123KB

.reloc Size: 1024B - Virtual size: 972B

.text
Size: 11KB - Virtual size: 10KB

.extext
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.bmem
Size: 512B - Virtual size: 68B

.sedat
Size: 1024B - Virtual size: 780B

.rsrc
Size: 124KB - Virtual size: 123KB

.reloc
Size: 1024B - Virtual size: 972B