8ff4a1854d246d4806ae2875fe0ee9b9be8a5344a5711449aaeac7ede4495b82

Sharing

Copy URL Twitter E-mail

General

Target

8ff4a1854d246d4806ae2875fe0ee9b9be8a5344a5711449aaeac7ede4495b82
Size

212KB
MD5

93c157d474d913728dff2a9a48f04abf
SHA1

322b6ea9aecbbc6fceb4de71288a75bbc8a9cf4c
SHA256

8ff4a1854d246d4806ae2875fe0ee9b9be8a5344a5711449aaeac7ede4495b82
SHA512

bfaa6393d316dadc7fea42fdd7d80b491b42264fa86a42007957b57797e1ce40213770ffbf24602a9c82119b16f99cc72e7aef6c369f3d01de4be16b598e9066
SSDEEP

3072:ZAmt2tAIu82efyxThe6cOauWMTQ37ydLsgBjHwsJ6GOPFFaoILfdGNtrE:Tt5Je2/E7ydLTJJRo9

Score

N/A

Malware Config

Signatures

Files

8ff4a1854d246d4806ae2875fe0ee9b9be8a5344a5711449aaeac7ede4495b82
.exe windows x86

d652b77c576de6a3e42257f408b66228

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

comdlg32

FindTextA
GetSaveFileNameA
ChooseColorA
GetFileTitleA

gdi32

CreatePalette
CreateDIBitmap
CreateDIBSection
GetDIBColorTable
GetObjectA
GetClipBox
GetCurrentPositionEx
SelectObject
SaveDC

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_Remove
ImageList_Create
ImageList_DragShowNolock
ImageList_Destroy
ImageList_Read

shlwapi

PathIsDirectoryA
SHQueryInfoKeyA
PathFileExistsA

kernel32

LoadLibraryA
IsBadReadPtr
VirtualQuery
GetProcAddress
GlobalAlloc
MoveFileA
ExitThread
GetVersionExA
GetUserDefaultLCID
VirtualAlloc
lstrlenW
GetACP
lstrlenA
GetModuleHandleA
MoveFileExA
ExitProcess
GetModuleHandleW
WriteFile
EnterCriticalSection
GetLastError
LocalAlloc
LoadLibraryExA

user32

ClientToScreen
InsertMenuA

version

VerQueryValueA
VerInstallFileA

oleaut32

SafeArrayPtrOfIndex
RegisterTypeLib

advapi32

GetUserNameA
RegEnumKeyExA
RegEnumKeyA
RegLoadKeyA

Sections

CODE
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC8
Size: 512B - Virtual size: 499B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC0
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RSRC7
Size: 1KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC9
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d652b77c576de6a3e42257f408b66228

Headers

File Characteristics

Imports

comdlg32

gdi32

comctl32

shlwapi

kernel32

user32

version

oleaut32

advapi32

Sections

CODE Size: 63KB - Virtual size: 62KB

.data Size: 135KB - Virtual size: 134KB

.RSRC3 Size: 4KB - Virtual size: 3KB

.RSRC8 Size: 512B - Virtual size: 499B

.RSRC4 Size: 2KB - Virtual size: 1KB

.RSRC0 Size: 1KB - Virtual size: 1KB

.RSRC7 Size: 1KB - Virtual size: 69KB

.RSRC9 Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 924B

CODE
Size: 63KB - Virtual size: 62KB

.data
Size: 135KB - Virtual size: 134KB

.RSRC3
Size: 4KB - Virtual size: 3KB

.RSRC8
Size: 512B - Virtual size: 499B

.RSRC4
Size: 2KB - Virtual size: 1KB

.RSRC0
Size: 1KB - Virtual size: 1KB

.RSRC7
Size: 1KB - Virtual size: 69KB

.RSRC9
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 924B