70bdf5387e5158da89daedd51cf2c6ba0142fa36a33a2b0592de768ebc80a31d

Sharing

Copy URL Twitter E-mail

General

Target

70bdf5387e5158da89daedd51cf2c6ba0142fa36a33a2b0592de768ebc80a31d
Size

108KB
MD5

747791185f94a4474bf5a0832a2dbc52
SHA1

83e800912f55a246133c466fcfeda53dc638c26c
SHA256

70bdf5387e5158da89daedd51cf2c6ba0142fa36a33a2b0592de768ebc80a31d
SHA512

55ae07fb3e3d5449a0db7d54e22010c7a8c3bdde21981c1cd27b3a43d38ab948ccb1a9c919f1e7752572cdc334b87c6604a185c1109390b22a678bbb3d1fc840
SSDEEP

3072:7LnOhvGbG41ml0pLLawc1VtXQB8fTaWrnushLER4Fhvomnwh:/oF4D5LaP1VtA4+/stEudomnwh

Score

N/A

Malware Config

Signatures

Files

70bdf5387e5158da89daedd51cf2c6ba0142fa36a33a2b0592de768ebc80a31d
.exe windows x86

4e89c111f21c29923ea2ba652afa66e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
free
fflush
__p___initenv
strrchr
__getmainargs
fclose
_XcptFilter
_controlfp
_write
_except_handler3
_adjust_fdiv
fwrite
__p__fmode
_exit
__set_app_type
__p__commode
_initterm
getenv
__p__environ
sqrt
calloc

comdlg32

GetOpenFileNameA

kernel32

CopyFileA
RtlUnwind
GetACP
GetTempPathW
IsBadWritePtr
InterlockedIncrement
GetSystemTime
MulDiv
VirtualAlloc
DeleteFileW
GetNumberFormatA
GetTempPathA
VirtualProtectEx
lstrlenA
lstrcmpiW
LocalAlloc
lstrcmpA
GetStringTypeExA

user32

SystemParametersInfoA
IntersectRect
GetDC
CallWindowProcA
MessageBoxA
GetClientRect
SetScrollInfo
CharNextA
LoadIconA
GetForegroundWindow
SetDlgItemTextA

comctl32

ImageList_BeginDrag
CreateStatusWindowA
InitCommonControlsEx
ImageList_DragEnter
ImageList_Replace
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIconSize
PropertySheetW
InitializeFlatSB
ImageList_DragLeave
ImageList_LoadImageW
ImageList_GetIcon
ImageList_EndDrag

ole32

CoGetInterfaceAndReleaseStream
CoSetProxyBlanket
OleSetClipboard
CoInitializeSecurity
StringFromGUID2
CoRegisterMessageFilter
ProgIDFromCLSID
CoCreateInstance
RevokeDragDrop
CreateStreamOnHGlobal
CoInitialize

advapi32

CryptCreateHash
CryptGenRandom
InitializeSecurityDescriptor
OpenServiceW
AdjustTokenPrivileges
RegEnumKeyA
RegEnumKeyExA
EqualSid
CopySid
RegQueryValueA
GetLengthSid

gdi32

GetTextExtentPoint32W
CreateRectRgn
GetPixel
RoundRect
CreateEnhMetaFileA
GetCharacterPlacementA
BitBlt
GetEnhMetaFileHeader
GetBitmapBits
CreateMetaFileW
PlayMetaFile
StartDocA
PtVisible
GetTextExtentPoint32A

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e89c111f21c29923ea2ba652afa66e4

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

comctl32

ole32

advapi32

gdi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 9KB - Virtual size: 46KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 9KB - Virtual size: 46KB

.rsrc
Size: 27KB - Virtual size: 27KB