2f165cc6b2da639c6c5a8bfa5f830bd6d102f279cbbff3fa0f12d76517f8aea7

Sharing

Copy URL Twitter E-mail

General

Target

2f165cc6b2da639c6c5a8bfa5f830bd6d102f279cbbff3fa0f12d76517f8aea7
Size

784KB
MD5

a97c5c4862fc486be214d6f0a7f53ffc
SHA1

66e9075e2d464f94ff597c1743353cf6265dc2d8
SHA256

2f165cc6b2da639c6c5a8bfa5f830bd6d102f279cbbff3fa0f12d76517f8aea7
SHA512

b0fb61ef50a4e1d60c21a2d0ba5c332062555cc55aa3c829d7442e7e3f4100c8a7b4d1e85fbd98a767d3ac709fd5a72e7a20bd635856b51d9d87d928aecdbd55
SSDEEP

12288:DJN85DeWgreEN6utQ+tWTHnpwWW0Rq3WCfscrPlf9Ypx8dEibNa:shgXptSfWP9r12z8y

Score

N/A

Malware Config

Signatures

Files

2f165cc6b2da639c6c5a8bfa5f830bd6d102f279cbbff3fa0f12d76517f8aea7
.exe windows x86

b5b1d5917a9bf6223514984788228e32

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleaut32

SafeArrayGetUBound
SysFreeString
VariantCopy
SafeArrayCreate
VariantChangeType
SafeArrayGetLBound
VariantChangeTypeEx
VariantClear
VariantCopyInd
SysAllocStringLen
SysAllocStringByteLen
SafeArrayPtrOfIndex
GetActiveObject
SysReAllocStringLen
GetErrorInfo
SysStringLen
VariantInit

ulib

?Fatal@PROGRAM@@UBEXXZ
?IsValueSet@ARGUMENT@@QAEEXZ
?Initialize@CLASS_DESCRIPTOR@@QAEEXZ
??0LONG_ARGUMENT@@QAE@XZ
?Put@ARRAY@@UAEEPAVOBJECT@@@Z
??1STRING_ARGUMENT@@UAE@XZ
?SetFileName@FSN_FILTER@@QAEEPBVWSTRING@@@Z
?Initialize@KEYBOARD@@QAEEEE@Z
?DisplayMsg@MESSAGE@@QAEEKW4MESSAGE_TYPE@@K@Z
?QueryInvalidArgument@ARGUMENT_LEXEMIZER@@QAEPAVWSTRING@@XZ
??0MESSAGE@@QAE@XZ
?Initialize@FSN_FILTER@@QAEEXZ
?AppendBase@PATH@@QAEEPBVWSTRING@@E@Z
?PrepareToParse@ARGUMENT_LEXEMIZER@@QAEEPAVWSTRING@@@Z
??0CLASS_DESCRIPTOR@@QAE@XZ
?QueryWCExpansion@PATH@@QAEPAV1@PAV1@@Z
?Insert@LIST@@QAEEPAVOBJECT@@PAVITERATOR@@@Z
?QueryDriveType@SYSTEM@@SG?AW4DRIVE_TYPE@@PBVWSTRING@@@Z
??_7OBJECT@@6B@

shell32

SHGetFolderLocation
SHGetSpecialFolderPathW
DragAcceptFiles
SHGetFileInfoW
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHFileOperationW
SHUpdateRecycleBinIcon
SHGetIconOverlayIndexW
ShellAboutA
SHGetPathFromIDListW
SHBindToParent
SHGetSettings
DragQueryFileW
DragFinish
SheChangeDirExW
SHGetPathFromIDListA
SHBrowseForFolderA

msvcrt

_purecall
??2@YAPAXI@Z
??1exception@@UAE@XZ
iswcntrl
_mbsstr
?_set_new_mode@@YAHH@Z
_CIasin
_clearfp
srand
_ltoa
_wgetcwd
_fcvt
_ismbcdigit
_ismbblead
_sopen
printf
_ftol
iscntrl
wcsftime
fgetpos
_dup2
__initenv
_itow
__crtLCMapStringA
tmpnam
_stricmp
fflush
_get_osfhandle
ceil
_wasctime
_lseeki64

kernel32

DisableThreadLibraryCalls
VirtualAlloc
ReadProcessMemory
SetConsoleTitleW
GetCPInfo
GetCommandLineA
lstrcmpiW
WriteConsoleInputA
ProcessIdToSessionId
GetCommModemStatus
RtlZeroMemory
Module32Next
GetSystemDirectoryA
HeapAlloc
GetModuleFileNameW
GetVolumePathNameA
OpenWaitableTimerW
GetCurrentDirectoryA
CompareStringW

crypt32

CryptMsgVerifyCountersignatureEncoded

advapi32

CloseServiceHandle
GetAclInformation
RegSetValueExW
AccessCheckAndAuditAlarmA
OpenServiceW
AccessCheckAndAuditAlarmW
ProcessTrace
ConvertStringSidToSidA
LsaOpenPolicy
AddAuditAccessObjectAce
CryptGetProvParam
AccessCheck
InitializeAcl
RegisterTraceGuidsW
GetServiceDisplayNameW
CryptDeriveKey
CopySid
SetSecurityDescriptorControl

Sections

.data
Size: 1024B - Virtual size: 855B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 438B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 28KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 405KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 187KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5b1d5917a9bf6223514984788228e32

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

ulib

shell32

msvcrt

kernel32

crypt32

advapi32

Sections

.data Size: 1024B - Virtual size: 855B

.rdata Size: 1024B - Virtual size: 438B

.text Size: 28KB - Virtual size: 452KB

.data Size: 405KB - Virtual size: 604KB

.idata Size: 187KB - Virtual size: 411KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 1024B - Virtual size: 202B

.data
Size: 1024B - Virtual size: 855B

.rdata
Size: 1024B - Virtual size: 438B

.text
Size: 28KB - Virtual size: 452KB

.data
Size: 405KB - Virtual size: 604KB

.idata
Size: 187KB - Virtual size: 411KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 1024B - Virtual size: 202B