b40bc451a3b8df69e92f4dad553394e088af1bedd6f23346be20d9fbd2b5bf7a

Sharing

Copy URL Twitter E-mail

General

Target

b40bc451a3b8df69e92f4dad553394e088af1bedd6f23346be20d9fbd2b5bf7a
Size

144KB
MD5

527c5c57e212f0ee5d69b6b4dd671a68
SHA1

1948e1162fafd76d4b14fe14490ad4fb80566d65
SHA256

b40bc451a3b8df69e92f4dad553394e088af1bedd6f23346be20d9fbd2b5bf7a
SHA512

3402dc5833ca2dc5cacdb97dd75830d22950b0eb075c6512b1d7f2f4c5a09595bcf7479df8d46864016dd309e68eb22f4a80a65f75e0a48ade9706469d6ebf3a
SSDEEP

1536:LXT9v2mjiEq8+n3g8M828slGDN1URU4pkOn43hDV3aMEDVaMcpkm:LD9v2mQ8+v/icDIRUXg43h0MMV9S

Score

N/A

Malware Config

Signatures

Files

b40bc451a3b8df69e92f4dad553394e088af1bedd6f23346be20d9fbd2b5bf7a
.exe windows x86

032dee8197f78a06cca0ce5813ccf9ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsUNCW
PathRemoveBackslashW
wnsprintfW
UrlCanonicalizeW
AssocQueryStringW
SHDeleteKeyW
PathStripToRootW
StrCmpW
UrlUnescapeW
PathIsDirectoryW
StrToIntExW
PathCombineW
StrCmpIW
wnsprintfA
StrTrimW
StrStrIW
PathRemoveFileSpecA
StrChrW

comdlg32

ChooseColorW
GetSaveFileNameA
ChooseFontW
GetFileTitleA
CommDlgExtendedError

ole32

StgOpenStorage
CoSetProxyBlanket
PropVariantClear
OleLoadFromStream
CLSIDFromProgID
StringFromGUID2
CoTaskMemRealloc
CoFreeUnusedLibraries
MkParseDisplayName
CoRevokeClassObject
OleRun
CoUninitialize
IIDFromString
WriteClassStm
CreateStreamOnHGlobal
CoGetClassObject
CoCreateInstanceEx
CoCreateGuid
CLSIDFromString
OleRegEnumVerbs
CoInitialize
GetRunningObjectTable
CoInitializeEx

msvcrt

wcscpy
fwrite
isalpha
rand
_ltoa
_isatty
__p__commode
_itow
_XcptFilter
sscanf
wcsstr
strtok
_fileno
towlower
_CIsqrt
fread
_c_exit
_wcsicmp
??1type_info@@UAE@XZ
__set_app_type
ceil
towupper

kernel32

IsBadCodePtr
SizeofResource
GetExitCodeProcess
GetUserDefaultLCID
lstrlenA
WriteConsoleW
ExitProcess
lstrcpyA
GetCurrentThreadId
GetConsoleOutputCP
GetLocalTime
FileTimeToSystemTime
GetCPInfo
HeapSize
InitializeCriticalSectionAndSpinCount
FindResourceW
DeleteCriticalSection
FreeEnvironmentStringsW
MapViewOfFile
GetStringTypeW
VirtualAlloc
DisableThreadLibraryCalls
GetTempPathA
GetFullPathNameW
TlsFree
IsBadReadPtr
InterlockedCompareExchange
FindNextFileW
GetProcAddress
GetFileSize
HeapDestroy

Sections

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 47KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

032dee8197f78a06cca0ce5813ccf9ac

Headers

File Characteristics

Imports

shlwapi

comdlg32

ole32

msvcrt

kernel32

Sections

.rdata Size: 8KB - Virtual size: 8KB

.text Size: 9KB - Virtual size: 8KB

DATA Size: 29KB - Virtual size: 29KB

.rdata Size: 48KB - Virtual size: 62KB

.idata Size: 47KB - Virtual size: 94KB

.rdata
Size: 8KB - Virtual size: 8KB

.text
Size: 9KB - Virtual size: 8KB

DATA
Size: 29KB - Virtual size: 29KB

.rdata
Size: 48KB - Virtual size: 62KB

.idata
Size: 47KB - Virtual size: 94KB