cff7567c876532329cb3b819aa928362201d52f4433f982fba30daff9936888e

Sharing

Copy URL Twitter E-mail

General

Target

cff7567c876532329cb3b819aa928362201d52f4433f982fba30daff9936888e
Size

291KB
MD5

af64f68b970847342210c7ba2654d781
SHA1

bdfc5e42af2c1ada410a5249879ce7900e667225
SHA256

cff7567c876532329cb3b819aa928362201d52f4433f982fba30daff9936888e
SHA512

37faf90060efd5c92915df8d52df8eb2f0810ef1bcdb1a6c429098c8e3c3322b9d3580ff26f6b7c5177958d22216264c07ba2fbbaa39d148056941525a522cf0
SSDEEP

6144:nfXSq43yl0YKkM/gxo7O3T5LpanOV9ILrDSUWuZfX2i:fwyy8M/g67ulLWomLrDSUvZvl

Score

N/A

Malware Config

Signatures

Files

cff7567c876532329cb3b819aa928362201d52f4433f982fba30daff9936888e
.exe windows x86

8ca49360c435072fb671dbb2e1ab1a57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2
CoLockObjectExternal

shlwapi

PathAppendW
PathAddBackslashW
PathRemoveFileSpecW

user32

MessageBoxW
GetWindowLongA

oleaut32

VarBstrCat
SysFreeString
SysStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringByteLen
SysAllocStringLen
VarBstrCmp
SysAllocString
VariantTimeToSystemTime
VariantCopy
SysStringByteLen
VarBstrFromDec

kernel32

GetConsoleCP
CreateFileW
WideCharToMultiByte
GetDateFormatW
GetStdHandle
TlsSetValue
lstrlenA
WriteConsoleW
GetModuleHandleA
GetCommandLineA
GetTimeFormatW
GetFileType
SetLastError
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapFree
WriteFile
FlushFileBuffers
CloseHandle
IsValidCodePage
DeleteCriticalSection
lstrlenW
RtlUnwind
FindResourceW
EnterCriticalSection
HeapSize
SetFilePointer
SetStdHandle
GetConsoleMode
GetOEMCP
InitializeCriticalSectionAndSpinCount
SizeofResource
HeapDestroy
LoadResource
GetProcessHeap
GetThreadLocale
HeapReAlloc
GetSystemTimeAsFileTime
LockResource
TlsGetValue
SetUnhandledExceptionFilter
RaiseException
LeaveCriticalSection
GetUserDefaultLCID
LCMapStringW
FindResourceExW
HeapAlloc
GetModuleHandleW
GetACP
EnumSystemLocalesA
TlsAlloc
IsValidLocale
GetCurrentThreadId
FormatMessageW
SetHandleCount
FreeLibrary
FreeEnvironmentStringsW
IsDebuggerPresent
TlsFree
GetStartupInfoA
VirtualAlloc

advapi32

RegConnectRegistryW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyA
RegEnumKeyExW
RegQueryValueExW
RegEnumValueW
RegSetValueExW
RegEnumKeyA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyW
RegCreateKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegOpenKeyA

comctl32

CreateStatusWindow
ImageList_Duplicate
ImageList_SetFlags
InitCommonControlsEx
GetMUILanguage
ImageList_BeginDrag

pstorsvc

ServiceEntry

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ca49360c435072fb671dbb2e1ab1a57

Headers

File Characteristics

Imports

ole32

shlwapi

user32

oleaut32

kernel32

advapi32

comctl32

pstorsvc

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 264KB - Virtual size: 283KB

.rsrc Size: 2KB - Virtual size: 9KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 264KB - Virtual size: 283KB

.rsrc
Size: 2KB - Virtual size: 9KB