99c0afabc75d7d72de440a88763b7f499484d171e421eb24dbb5fd7b2105d1c8

Sharing

Copy URL Twitter E-mail

General

Target

99c0afabc75d7d72de440a88763b7f499484d171e421eb24dbb5fd7b2105d1c8
Size

252KB
MD5

3fe0d513e688d8042d0ea84ef235eae8
SHA1

547fe9b522c76a15c4156fb9a822664a2c13970f
SHA256

99c0afabc75d7d72de440a88763b7f499484d171e421eb24dbb5fd7b2105d1c8
SHA512

6a6803094742bb959bf42e294904a4a0bcff2e90e369d307ebe8b321cba2c69b55e13702b1b31560cb2a2b9e2eb9097fe105fe7184a1b87f751ea22b3263ca70
SSDEEP

3072:SgscKjtnYaXibt+zUaeLrzvFuL/hR018p+gnwdXjtRVB+AMDle6we8mKSll65XsR:SZdat+IzvFuLJ218p+gnwhZXMjYBRXs

Score

N/A

Malware Config

Signatures

Files

99c0afabc75d7d72de440a88763b7f499484d171e421eb24dbb5fd7b2105d1c8
.exe windows x86

dae50c6823a7ec263e0f8f232ed3d26b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAlloc

msvcrt

memset

advapi32

RegOpenKeyExW

shell32

DragFinish
SHGetIconOverlayIndexW
ShellExecuteA
ShellExecuteW
ShellExecuteEx
DuplicateIcon
SHGetSpecialFolderPathW
ShellAboutW
SHGetPathFromIDListA
ExtractAssociatedIconA
ShellExecuteExW
SHBrowseForFolderW
WOWShellExecute
SHEmptyRecycleBinW
SHFormatDrive
DragQueryFileA
SHCreateDirectoryExW
DragAcceptFiles
SHInvokePrinterCommandW
SHGetDiskFreeSpaceExA
DoEnvironmentSubstA
SHGetFolderLocation
DragQueryPoint
Shell_NotifyIcon
SHCreateDirectoryExA
SHBindToParent
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHGetDiskFreeSpaceExW
SHGetDataFromIDListA
ExtractIconW
DragQueryFileW
SHBrowseForFolder
SHGetFileInfo
FindExecutableA
Shell_NotifyIconW
SHGetIconOverlayIndexA
ExtractAssociatedIconW
SHFileOperation
SHLoadNonloadedIconOverlayIdentifiers
SHBrowseForFolderA
SHGetPathFromIDListW
SHLoadInProc
ShellHookProc
Shell_NotifyIconA
SHFileOperationA
ExtractAssociatedIconExW
SHQueryRecycleBinW
SHGetFolderPathA
SHAppBarMessage
SHIsFileAvailableOffline
ExtractIconEx

ole32

CoGetCallerTID
STGMEDIUM_UserFree
CoDisconnectObject
CoDisableCallCancellation
HWND_UserSize
RegisterDragDrop
CoWaitForMultipleHandles
OleRun
CoRegisterMallocSpy
CoRegisterSurrogate
StringFromCLSID
CoTreatAsClass
HDC_UserFree
CoCreateObjectInContext
CoLockObjectExternal
WdtpInterfacePointer_UserSize
HMENU_UserSize
CoUnmarshalHresult
StgOpenAsyncDocfileOnIFillLockBytes
StgPropertyLengthAsVariant
OleConvertOLESTREAMToIStorageEx
CoGetCancelObject
CoIsHandlerConnected
CoRegisterChannelHook
CreateDataCache
CoReleaseMarshalData
CoQueryClientBlanket
CreateGenericComposite
CoGetInstanceFromIStorage
HBRUSH_UserFree
CoGetApartmentID
CoInitializeWOW
StgOpenPropStg
BindMoniker
OleCreate
CoQueryAuthenticationServices
CoUnloadingWOW
CoSetCancelObject
OleRegEnumVerbs
CoQueryProxyBlanket
OleIsRunning
CoTaskMemAlloc
OleSetClipboard
StgIsStorageILockBytes
OleGetClipboard
CoIsOle1Class
CreateObjrefMoniker
UpdateDCOMSettings
HWND_UserMarshal
SNB_UserMarshal
StgGetIFillLockBytesOnILockBytes
OleCreateLinkToFileEx
CoTaskMemRealloc
GetDocumentBitStg
CLIPFORMAT_UserSize
CoGetStandardMarshal
OleQueryLinkFromData
HMETAFILE_UserSize
STGMEDIUM_UserSize
OleSave
CoCreateGuid
CoGetObject
ReadOleStg
CoCopyProxy
OleBuildVersion
OleSetContainedObject
HMETAFILEPICT_UserSize
CoInstall
STGMEDIUM_UserMarshal
HICON_UserMarshal
HENHMETAFILE_UserFree
HMENU_UserFree
CoFreeAllLibraries
CoImpersonateClient
GetRunningObjectTable
UtGetDvtd32Info
WriteFmtUserTypeStg
GetConvertStg
DoDragDrop
FreePropVariantArray
CoQueryReleaseObject
HACCEL_UserUnmarshal
GetClassFile
CoGetMarshalSizeMax
GetHookInterface
StgCreatePropSetStg
OleRegGetMiscStatus
OleFlushClipboard

shlwapi

StrCmpNIA
StrRChrW
StrCmpNA
StrStrA
StrRStrIW
StrStrW
StrChrA
StrRStrIA
StrRChrIA

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae50c6823a7ec263e0f8f232ed3d26b

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 235KB - Virtual size: 235KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 1024B - Virtual size: 872B

.text
Size: 235KB - Virtual size: 235KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 1024B - Virtual size: 872B