c51ba7f0a1246db56733f6eeb76ad882b290153dc2be54b4ecab4df76aa16050

Sharing

Copy URL Twitter E-mail

General

Target

c51ba7f0a1246db56733f6eeb76ad882b290153dc2be54b4ecab4df76aa16050
Size

192KB
MD5

40f71d453f1ea135ed9305be5a1dbabe
SHA1

57f0fcfa24fa0188544e3576f25893dddcbb2213
SHA256

c51ba7f0a1246db56733f6eeb76ad882b290153dc2be54b4ecab4df76aa16050
SHA512

b1671e0a17e16d3a66f7811794c82e95cd9cc29d0c3544452f69d37414bbbb854edf311d78f5b36a53fa37fb5c22af32c31c15bfc94cb75df1fe2b8a76fb577f
SSDEEP

768:Tex2ujiwHtSA2zpxoxkLOhhirZvMvNvFo6A/n2auqbjfZqbjf8:TeMuGstS+2Oh01MKP2ijfgjf8

Score

N/A

Malware Config

Signatures

Files

c51ba7f0a1246db56733f6eeb76ad882b290153dc2be54b4ecab4df76aa16050
.exe windows x86

fb039e5e65172a182d459c5afa49f3fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupui

?Run@@YAKPB_W0@Z

kernel32

InitializeCriticalSection
GetLastError
EnterCriticalSection
GetModuleFileNameW
GetCurrentThreadId
lstrcmpiW
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
MultiByteToWideChar
GetSystemTimeAsFileTime
LoadLibraryExW
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
GetModuleHandleW
FindResourceW
RaiseException
LoadResource
SizeofResource
FreeLibrary
lstrlenW
LeaveCriticalSection
GetVersionExA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
Sleep
GetThreadLocale
InterlockedExchange
GetACP
GetCurrentProcessId
GetLocaleInfoA

user32

DestroyWindow
DefWindowProcW
CharNextW
MessageBoxW
UnregisterClassA

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

msvcr80

??3@YAXPAX@Z
free
memcpy_s
??_V@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException
_recalloc
malloc
memset
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
__CxxFrameHandler3
wcsncpy_s

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.prdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fb039e5e65172a182d459c5afa49f3fd

Headers

File Characteristics

Imports

setupui

kernel32

user32

advapi32

ole32

oleaut32

comctl32

msvcr80

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 27KB - Virtual size: 26KB

.prdata Size: 60KB - Virtual size: 60KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 27KB - Virtual size: 26KB

.prdata
Size: 60KB - Virtual size: 60KB