cf0a7def7cc21cb2e59db0c39ed46f79ea87c111c8d460aa0aeafcd481386eb0

Sharing

Copy URL

Twitter E-mail

General

Target

cf0a7def7cc21cb2e59db0c39ed46f79ea87c111c8d460aa0aeafcd481386eb0
Size

104KB
MD5

3ec31d1e7b09e274fb5c595030c3eef5
SHA1

b62be57b636777bce71fc5b443a6eb249cbb25ff
SHA256

cf0a7def7cc21cb2e59db0c39ed46f79ea87c111c8d460aa0aeafcd481386eb0
SHA512

08a11f99f84346350601e0d5b13d50da01f43911bf61558442929a135c3ec33bc92e6efa372b4c4942e968b58f96bc0369a64130dc0013ab7e34f1c06c12533f
SSDEEP

3072:CEvYeaciAFNUomLPJkkWS+uY3k80uKbzc:VYQFNvMuS+L4Db

Score

N/A

Malware Config

Signatures

Files

cf0a7def7cc21cb2e59db0c39ed46f79ea87c111c8d460aa0aeafcd481386eb0
.exe windows x86

a225493bc6203d9c1fe87a43450a71f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
_adjust_fdiv
printf
remove
__set_app_type
strlen
strstr
fwrite
_initterm
fseek
fclose
__getmainargs
free
_acmdln
_XcptFilter
fputc
memset
_except_handler3
_iob
_vsnprintf
strcmp
_exit
malloc
__p__fmode
exit
fopen
strcpy
wcslen
__p__commode
_onexit
fread

kernel32

ExpandEnvironmentStringsA
GetProcAddress
WriteConsoleA
RaiseException
TerminateProcess
GetEnvironmentStrings
GetExitCodeProcess
LoadLibraryA
GetConsoleMode
CreateDirectoryA
GetStringTypeExA
GetModuleHandleW
GetTempFileNameA
GetSystemDirectoryW

user32

IntersectRect
SetWindowTextA
RegisterWindowMessageA
GetWindowRect
CallNextHookEx
SetRect
SetClipboardData
GetDesktopWindow
GetScrollInfo
SetFocus

shell32

SHGetSpecialFolderPathA
SHBrowseForFolderA
SHGetFolderLocation
SHGetSpecialFolderPathW
SHAddToRecentDocs
ExtractIconA
DoEnvironmentSubstW
SHGetDiskFreeSpaceExW
ShellExecuteEx

oleaut32

VariantCopy
SysStringByteLen
SysStringLen
VariantInit
SafeArrayCreate
GetErrorInfo
CreateErrorInfo
SafeArrayPutElement
SafeArrayUnaccessData
SysAllocStringByteLen

ole32

GetRunningObjectTable
ReleaseStgMedium
StgOpenStorageOnILockBytes
CreateItemMoniker
PropVariantClear
CreateBindCtx
StringFromGUID2
CoFreeUnusedLibraries
CoGetClassObject

comctl32

ImageList_Add
ImageList_SetImageCount
ImageList_Draw
ImageList_GetImageCount
PropertySheetA
ImageList_ReplaceIcon
ImageList_GetBkColor
ImageList_DragLeave
ImageList_AddMasked
ImageList_GetIcon
ImageList_Read

gdi32

SetROP2
GetViewportExtEx
CreateCompatibleDC
ExtFloodFill
GetDIBits
GetCurrentObject
CreateICA
SetDIBitsToDevice
SetAbortProc

advapi32

FreeSid
OpenSCManagerA
RegQueryValueExA
OpenProcessToken
CryptDestroyHash
LookupPrivilegeValueW
RegOpenKeyW
IsValidSid
GetUserNameA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 37KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a225493bc6203d9c1fe87a43450a71f6

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

shell32

oleaut32

ole32

comctl32

gdi32

advapi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 37KB - Virtual size: 63KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 37KB - Virtual size: 63KB

.rsrc
Size: 60KB - Virtual size: 60KB