874204e2f9dad9e39f5afe9123fc7a99b5ff0f0246a26efd1f2ff201c29d7fed

Sharing

Copy URL

Twitter E-mail

General

Target

874204e2f9dad9e39f5afe9123fc7a99b5ff0f0246a26efd1f2ff201c29d7fed
Size

101KB
MD5

411ea607b437730b0ba78a6acdcdd6c5
SHA1

3966ce9c0cd19252cc5d24c23033b237ec121687
SHA256

874204e2f9dad9e39f5afe9123fc7a99b5ff0f0246a26efd1f2ff201c29d7fed
SHA512

fce5f265d9917caa8795f538bfbc96660b6b47a3677ca08fe493a5409f9f25d0c4d33fb0df643a505273aff0fb4d9c911b7722e9fa118362edf90936d79958f3
SSDEEP

3072:neQx/9pLjd3r2yZD3Cfxk4siwfQKgwkjgErdrnU39mo:eQp/hFyfxL6fxTILrxnUNm

Score

N/A

Malware Config

Signatures

Files

874204e2f9dad9e39f5afe9123fc7a99b5ff0f0246a26efd1f2ff201c29d7fed
.exe windows x86

411712cf9077dfc1faf86463986f9d53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strcmp
strcpy
_adjust_fdiv
_onexit
calloc
__set_app_type
_acmdln
fread
__setusermatherr
fclose
__p__fmode
_setmode
__p__commode
fseek
free
malloc
_initterm
fopen
_XcptFilter
remove
__getmainargs
_exit
printf
exit
fputc
fwrite
wcslen
strlen
abort
strchr
_strnicmp
_except_handler3
__p__environ
sprintf

kernel32

WideCharToMultiByte
GetVersion
GetStdHandle
FlushFileBuffers
GetCommandLineW
SetCurrentDirectoryA
GetFullPathNameA
Sleep
LoadLibraryA
GetModuleHandleW
VirtualAlloc
GetProcAddress

advapi32

GetSecurityDescriptorDacl
CryptReleaseContext
OpenSCManagerW
IsValidSid
CryptAcquireContextA
RegDeleteKeyA
RegSetValueExW
GetUserNameA
GetTokenInformation

user32

DispatchMessageA
BeginPaint
SetWindowPlacement
EqualRect
GetSysColor
SetWindowPos
RegisterClassA
SetFocus
RegisterClipboardFormatA
GetMenuItemID
InvalidateRect
IsIconic

shell32

SHGetPathFromIDListW
SHGetFolderPathW
SHBindToParent
SHGetSpecialFolderLocation
ExtractAssociatedIconW
SHCreateDirectoryExW
SHGetFileInfo
ExtractIconExW
FindExecutableW
ExtractIconA
SHFileOperationW
SHGetDiskFreeSpaceExW

oleaut32

SysAllocStringByteLen
SysAllocStringLen
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayCreate
GetActiveObject
VariantClear
SafeArrayGetUBound

ole32

ProgIDFromCLSID
RegisterDragDrop
OleDraw
IIDFromString
CLSIDFromString
CoTaskMemAlloc
OleIsCurrentClipboard
IsAccelerator

comctl32

InitCommonControls
ImageList_GetBkColor
CreateToolbarEx
ImageList_Replace
PropertySheetA
InitializeFlatSB
ImageList_SetIconSize
ImageList_SetOverlayImage
ImageList_LoadImageA
CreateStatusWindowA
ImageList_EndDrag
ImageList_DragEnter

gdi32

GetPixel
GetEnhMetaFileHeader
RectVisible
GetObjectW
SetBkColor
FrameRgn
GetBrushOrgEx
ArcTo
GetMapMode

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 37KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

411712cf9077dfc1faf86463986f9d53

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

shell32

oleaut32

ole32

comctl32

gdi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 37KB - Virtual size: 63KB

.rsrc Size: 56KB - Virtual size: 60KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 37KB - Virtual size: 63KB

.rsrc
Size: 56KB - Virtual size: 60KB