125df32524a543453df9491f698a8898ed61710098e3a8c0243ea9690af78eaf

General

Target

125df32524a543453df9491f698a8898ed61710098e3a8c0243ea9690af78eaf
Size

294KB
MD5

7f6ed746fd6498583a167804d28b7653
SHA1

4cb373e9e301b4faece6847687f4b8715b24bf39
SHA256

125df32524a543453df9491f698a8898ed61710098e3a8c0243ea9690af78eaf
SHA512

5f385ba908fb08f6dff7d01c66e0d3b486f69d78fe948d3e223da743c718013c5cc459ce504582a30e453cd2a7e5cc3417560c6cd2630e74d9bfc5ae111e25b3
SSDEEP

6144:a4Byd0kJEobOJwu3T+2nivi1m007afYvFyaCemeadLK6UU:aAoqFrnihMYv0aCemhKI

Score

N/A

Malware Config

Signatures

Files

125df32524a543453df9491f698a8898ed61710098e3a8c0243ea9690af78eaf
.exe windows x86

f696b06a2acdeb40fd80d5dc9e689c3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantTimeToSystemTime
VariantInit
SysFreeString
VariantChangeType

ole32

StringFromGUID2

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

UnhandledExceptionFilter
GetTimeFormatA
RaiseException
IsDebuggerPresent
GetModuleHandleA
GetDateFormatA
GetThreadLocale
FreeLibrary
WideCharToMultiByte
IsProcessorFeaturePresent
FormatMessageW
lstrlenA
LoadLibraryExW
SetUnhandledExceptionFilter
GetModuleHandleW
GetSystemTimeAsFileTime
GetPrivateProfileStringA
GetCurrentThreadId
LoadLibraryW
VirtualAllocEx

user32

LoadStringW
GetWindowTextA
MessageBoxA

shlwapi

SHQueryValueExA
PathIsUNCW
StrToIntExA
PathGetCharTypeW
PathMakeSystemFolderW
PathParseIconLocationA
UrlCreateFromPathW
PathSearchAndQualifyW
PathRemoveFileSpecA
PathMatchSpecW
SHLoadIndirectString
StrSpnW
UrlUnescapeW
SHRegSetPathA
SHRegGetPathA
StrRChrA
SHSkipJunction
UrlCombineA
PathFindExtensionW
SHRegQueryUSValueA
UrlCompareA
SHQueryValueExW
StrChrW

kbdmon

KbdLayerDescriptor

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f696b06a2acdeb40fd80d5dc9e689c3a

Headers

File Characteristics

Imports

oleaut32

ole32

advapi32

kernel32

user32

shlwapi

kbdmon

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 256KB - Virtual size: 3.3MB

.rdata Size: 2KB - Virtual size: 373KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 256KB - Virtual size: 3.3MB

.rdata
Size: 2KB - Virtual size: 373KB

.rsrc
Size: 18KB - Virtual size: 18KB