79177fc549d2d1bb81031468756da38238e4e976a18df8d24a3fd80eb61cbd07

Sharing

Copy URL Twitter E-mail

General

Target

79177fc549d2d1bb81031468756da38238e4e976a18df8d24a3fd80eb61cbd07
Size

252KB
MD5

9ba12a06caad6469d160db1d5897d97a
SHA1

63dbc9e60397930f4fa98435b40d0bd19a116143
SHA256

79177fc549d2d1bb81031468756da38238e4e976a18df8d24a3fd80eb61cbd07
SHA512

a09d72b7ce70dc5ac3de20f64928c069028d52a872f81657291f02e8ac218ed980610553f83bc1dc91d41a02445cd019ee072ae68ac5d8dcc2d199ebaee0e9ba
SSDEEP

6144:DtqIokrses6C6U5ib/0Hw3BLR27NrLfYplt/uUU:DtlokrsEb/6wTuNrLQl

Score

N/A

Malware Config

Signatures

Files

79177fc549d2d1bb81031468756da38238e4e976a18df8d24a3fd80eb61cbd07
.exe windows x86

4f8ba5ae096732397499510d471baa54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeLabelA
SetFileTime
GetProcessHeap
GetCommModemStatus
GetACP
FindNextChangeNotification
GlobalFlags
GetCurrentDirectoryW
CreateFileW
lstrcmpiA
EnumDateFormatsW
SetLastError
EraseTape
AreFileApisANSI
PulseEvent
GetAtomNameA
ExitThread
IsProcessorFeaturePresent
SetConsoleWindowInfo
GlobalReAlloc
RemoveDirectoryW
VirtualFree
LocalAlloc
SearchPathW
EnumSystemCodePagesA
FindFirstFileExW
PeekConsoleInputW
SwitchToFiber
GetBinaryTypeW
GetSystemDefaultLangID
ScrollConsoleScreenBufferA
CreateNamedPipeW
OutputDebugStringW
lstrcpyA
FreeLibrary
GetThreadPriority
CreateProcessA
FindFirstFileW
WaitNamedPipeA
LoadLibraryExW
LocalSize
RaiseException
_llseek
GetFileType
PurgeComm
GetFileInformationByHandle
FindResourceExA
GetLogicalDriveStringsA
OpenSemaphoreW
OpenFile
AllocConsole
GetDriveTypeA
SetFileAttributesA
lstrcatW
SetProcessWorkingSetSize
GetUserDefaultLCID
WriteConsoleOutputCharacterA
GetCommandLineW
GlobalDeleteAtom
SetConsoleMode
UnmapViewOfFile
GetVersionExA
SetProcessShutdownParameters
WriteProcessMemory
LoadLibraryExA
WritePrivateProfileSectionW
UnhandledExceptionFilter
IsBadStringPtrA
EnumResourceNamesA
GlobalGetAtomNameW
SetNamedPipeHandleState
GetBinaryTypeA
LocalFileTimeToFileTime
SetConsoleActiveScreenBuffer
GetFileAttributesExA
CreateEventA
EnumResourceLanguagesW
GetVolumeInformationW
EnumCalendarInfoW
GetCurrentProcessId
SetProcessAffinityMask
GetCommState
FatalAppExitA
GetUserDefaultLangID
FormatMessageA
OutputDebugStringA
GetCommandLineA
VirtualAlloc
GetProfileIntA
ExitProcess

user32

GetClassLongW
InvalidateRgn
GetMenuCheckMarkDimensions
GetSysColor
SetProcessDefaultLayout
UnregisterClassA
VkKeyScanA
GetMenuItemID
EnableMenuItem
SetDlgItemInt
SetScrollPos
MessageBeep
ShowScrollBar
FlashWindow
GetKeyboardType
DefFrameProcA
CreateAcceleratorTableW
DispatchMessageW
LoadMenuA
GetMenuItemInfoA
AdjustWindowRect
CharPrevW
CloseClipboard
OpenIcon
SetClassLongW
EnumDesktopsW
EqualRect
GetWindowThreadProcessId
SetWindowLongW
GetDoubleClickTime
GetCaretPos
EnumWindowStationsW
GetParent
UnregisterHotKey
GetActiveWindow
LoadKeyboardLayoutW
BroadcastSystemMessageA

comdlg32

FindTextA
GetSaveFileNameW
GetFileTitleA

advapi32

FreeSid
CloseServiceHandle
RegCreateKeyW
RegisterEventSourceA
AccessCheck
RegDeleteKeyW
RegSetValueExA
LookupAccountNameW
EqualSid
CryptGenKey
DuplicateToken
StartServiceW
IsValidSecurityDescriptor
GetSidSubAuthorityCount
LookupAccountSidA
PrivilegeCheck
IsValidAcl
LookupAccountSidW
RegQueryValueA
RegSetValueExW
AdjustTokenPrivileges
RegLoadKeyA

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
SHGetSettings
ShellExecuteA
SHFileOperationA

ole32

CoTaskMemRealloc

oleaut32

SysAllocStringLen
SafeArrayPutElement

comctl32

ImageList_DrawIndirect
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_GetBkColor

shlwapi

PathStripToRootA
StrChrW
SHCreateStreamOnFileW
PathRemoveFileSpecA
StrToIntW
PathUnquoteSpacesW
PathFindOnPathW
StrStrIA
wvnsprintfW
PathIsUNCA
PathIsUNCServerW
StrCmpIW
SHRegQueryUSValueW
StrChrA
SHStrDupW
PathIsDirectoryW

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4f8ba5ae096732397499510d471baa54

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 2KB