989d649539fc10d7bde96f1cdc42a7906837cd8c2db4d0f86f1d0e221a819de2

Sharing

Copy URL Twitter E-mail

General

Target

989d649539fc10d7bde96f1cdc42a7906837cd8c2db4d0f86f1d0e221a819de2
Size

90KB
MD5

a2c0292fe659454edb168ca560ac033e
SHA1

93f54cfdd5b0f71e334fa2fc34f98fbf2fa05bd5
SHA256

989d649539fc10d7bde96f1cdc42a7906837cd8c2db4d0f86f1d0e221a819de2
SHA512

78b157a7d6e55870fa212dc91971e052597bfc3dc398472cb176497940c2c643ef2cb5405560f115fda9d44eaed575b64eeca7c122ca24af346a89fdf1cc5fe9
SSDEEP

1536:RQNiYILUWb+f0UlvtVmas5QPVhdaWPr5qrimOmQxWvhhfiBpdrlR67fBnKSILF:RhLUO+f0UlFVQyhkuqrJhJ6N4a

Score

N/A

Malware Config

Signatures

Files

989d649539fc10d7bde96f1cdc42a7906837cd8c2db4d0f86f1d0e221a819de2
.exe windows x86

30f537a80883a64f41a30a8bc431e54e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetSysColor
UnhookWindowsHookEx
GetSubMenu
FrameRect
EnumWindows
GetSysColorBrush
PostQuitMessage
EnableMenuItem
EqualRect
SetWindowPos
GetMessageA
GetScrollPos
SetWindowTextA

kernel32

GetCurrentProcessId
FileTimeToSystemTime
GetTickCount
GetFileAttributesA
GetACP
InterlockedExchange
GetThreadLocale
VirtualAllocEx
GetStartupInfoA
ExitProcess
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetOEMCP
RtlUnwind
GetTempPathA
GetSystemTime

gdi32

ExcludeClipRect
GetMapMode
CreateCompatibleBitmap
SelectClipPath
DPtoLP
CopyEnhMetaFileA
CreateICW
SetViewportExtEx
FillRgn

ole32

CoRevokeClassObject
CoInitializeSecurity
StringFromGUID2
CoCreateInstance
DoDragDrop
OleRun
CoTaskMemRealloc
CoInitialize
StgOpenStorage

advapi32

CryptHashData
RegQueryValueExW
RegCreateKeyExW
GetUserNameA
GetSecurityDescriptorDacl
AdjustTokenPrivileges
CheckTokenMembership
RegCreateKeyA
QueryServiceStatus
FreeSid

msvcrt

_mbscmp
_flsbuf
strncpy
__setusermatherr
raise
_strdup
puts
strcspn
__initenv
signal
_fdopen
_CIpow
fflush
__getmainargs
fprintf
strlen
_lock
iswspace

comctl32

ImageList_Destroy
ImageList_Write
ImageList_DragEnter
ImageList_GetBkColor
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_SetIconSize
ImageList_LoadImageA
ImageList_GetIconSize
ImageList_LoadImageW
InitCommonControls
ImageList_DrawEx
ImageList_GetIcon

shell32

ShellExecuteEx
CommandLineToArgvW
DragAcceptFiles
ShellExecuteW
SHGetPathFromIDList
ExtractIconW
DragQueryFileA
DoEnvironmentSubstW
ExtractIconExW
SHBrowseForFolderA
DragQueryFileW

oleaut32

SafeArrayPutElement
VariantCopy
SafeArrayCreate
SysReAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayRedim

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jrrahrr
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30f537a80883a64f41a30a8bc431e54e

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 38KB - Virtual size: 38KB

.data Size: 45KB - Virtual size: 44KB

.rsrc Size: 6KB - Virtual size: 34KB

jrrahrr Size: - Virtual size: 108KB

.text
Size: 38KB - Virtual size: 38KB

.data
Size: 45KB - Virtual size: 44KB

.rsrc
Size: 6KB - Virtual size: 34KB

jrrahrr
Size: - Virtual size: 108KB