d0cfd46280525e97a95e687a2a5d383dcde16986fdd0219ff7574cfc9ba9e4df

Sharing

Copy URL Twitter E-mail

General

Target

d0cfd46280525e97a95e687a2a5d383dcde16986fdd0219ff7574cfc9ba9e4df
Size

135KB
MD5

36046171822f4dcc1e15ec52f177f1d7
SHA1

d74e7bdf07157be2bc42e246070f94e527a795a1
SHA256

d0cfd46280525e97a95e687a2a5d383dcde16986fdd0219ff7574cfc9ba9e4df
SHA512

39e15f0f16f08a1267626eacac66a45e04e48ce827fd1b25281264dd4e387eb9f91bb0febcbdbc7b716f7d5392186fc944872a044a25e0f6987fa5d624b37593
SSDEEP

3072:bXWZHRjPbdJM0mh8O1YeCIGki0vdbsVaZz7HkCZIabuaGEF+p:UxjV+8GG/0vdU0ECzbzGEF

Score

N/A

Malware Config

Signatures

Files

d0cfd46280525e97a95e687a2a5d383dcde16986fdd0219ff7574cfc9ba9e4df
.exe windows x86

a8de527efd9817887c121406dda72d50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy

shlwapi

StrFormatByteSizeA
StrCmpNA
StrDupW
SHRegEnumUSKeyA
ord155

shell32

SHCreateDirectoryExW
SHGetFolderPathA

kernel32

GetTempPathA
GetFileSize
SearchPathW
SetFilePointer
PeekNamedPipe
SetEndOfFile
FindResourceExW
SetFileShortNameW
CopyFileW
lstrcatW
GetNamedPipeInfo
GetBinaryTypeW
SetThreadPriority
FindClose
_hwrite
GlobalMemoryStatusEx
WaitForMultipleObjects
GetThreadPriority
WaitCommEvent
GetCurrentThreadId
ReleaseMutex
FindAtomW
lstrcpyA
lstrcmpiW
GetSystemInfo
lstrcmpiA
GetSystemTimeAdjustment
GetModuleHandleW
FindResourceA
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
_lcreat
DosDateTimeToFileTime
FileTimeToDosDateTime
HeapDestroy

user32

EndPaint
SetWindowPos
CreateIconFromResource
CharUpperBuffA
IsCharAlphaNumericW
CharUpperA
MapDialogRect
SetActiveWindow
PrivateExtractIconsW
SetWindowPlacement
EnumPropsW
RemovePropW
PostMessageW
DeleteMenu
InvalidateRgn
SendMessageA
GetMenuItemInfoW
BeginPaint
TranslateMessage
LockWindowUpdate
GetCursorInfo
SetPropA
SetScrollPos
PeekMessageA
ReleaseDC
TranslateAcceleratorA
LoadAcceleratorsA
SetWindowTextW
GetPropW
LoadCursorFromFileA
GetDC
GetDesktopWindow
GetWindowRgn
DispatchMessageA

gdi32

UpdateColors
SetTextCharacterExtra
OffsetClipRgn
AngleArc
SetBkColor
LineTo
GetTextExtentPointA
CreateScalableFontResourceA
SetBoundsRect
CreateBitmapIndirect
GetObjectType
Polyline
DeleteObject
DeleteDC
ExcludeClipRect
GetCharWidthW
CreateDCW
CreateCompatibleBitmap
GetSystemPaletteEntries

advapi32

IsValidSid
EqualPrefixSid
EqualSid
PrivilegedServiceAuditAlarmA
ObjectCloseAuditAlarmW

Exports

Exports

_Copy_Img@12
_Create_Img@12
_Set_Img@12
_Update_Img@12

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vars
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IMPORT
Size: 512B - Virtual size: 147B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8de527efd9817887c121406dda72d50

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.code Size: 4KB - Virtual size: 3KB

.data Size: - Virtual size: 160B

.vars Size: 4KB - Virtual size: 3KB

IMPORT Size: 512B - Virtual size: 147B

.rsrc Size: 116KB - Virtual size: 115KB

.reloc Size: 1024B - Virtual size: 616B

.text
Size: 8KB - Virtual size: 8KB

.code
Size: 4KB - Virtual size: 3KB

.data
Size: - Virtual size: 160B

.vars
Size: 4KB - Virtual size: 3KB

IMPORT
Size: 512B - Virtual size: 147B

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 1024B - Virtual size: 616B