ce8c2041edf728cf05a3545a884a817fe603891f78edce33ae9d240b8a78d595

Sharing

Copy URL Twitter E-mail

General

Target

ce8c2041edf728cf05a3545a884a817fe603891f78edce33ae9d240b8a78d595
Size

329KB
MD5

4b5a60830e7a90ea8917853d4a30c0a8
SHA1

ce29c4059130fdf8e976319ae19c7475514632a5
SHA256

ce8c2041edf728cf05a3545a884a817fe603891f78edce33ae9d240b8a78d595
SHA512

dad213fcf2577286864c1bbb6e349a2886417e41d99f4680be7dcdcba4f4e95c46dadfab14a5f3615611da606b2af4607d78b799215c08fe2397fcf389f7a71b
SSDEEP

6144:gOYFNgBAY0IMFk90MQ0gQXcDVx4w5XrT9nwYSPn9:gOiZFn2w4Ch49

Score

N/A

Malware Config

Signatures

Files

ce8c2041edf728cf05a3545a884a817fe603891f78edce33ae9d240b8a78d595
.exe windows x86

02e54fd60a714fb0db04147d2bb342c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
SetForegroundWindow
DestroyIcon
ScreenToClient
SendMessageA
PostMessageA
SendMessageW
RegisterClipboardFormatW
DrawTextW
EndPaint
GetDC
FindWindowExW
CharPrevA
InflateRect
GetSystemMetrics
ReleaseDC
CharUpperA

gdi32

BitBlt
SaveDC
RestoreDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
DeleteDC

kernel32

GetACP
HeapFree
LeaveCriticalSection
GetModuleHandleA
lstrcmpiA
FileTimeToSystemTime
CloseHandle
EnterCriticalSection
FreeLibrary
GetShortPathNameA
GetProcessHeap
CreateFileA
lstrcpynA
GetSystemTime
GetFileInformationByHandle
WaitForSingleObject
CreateMutexA
GlobalAlloc
ReleaseMutex
lstrlenA
WideCharToMultiByte
FormatMessageA
LocalFree
DeleteCriticalSection
GetCommandLineW
GlobalFree
LoadLibraryExA
HeapAlloc
TlsAlloc
VirtualAllocEx

shlwapi

PathRemoveFileSpecA

advapi32

ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RevertToSelf

shell32

SHGetPathFromIDListA
ShellExecuteExA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoA
ShellExecuteA

oleaut32

SysAllocStringByteLen
SysFreeString

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wsock32

ntohs

ole32

IsEqualGUID
CoCreateInstance
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal

comctl32

ImageList_LoadImageA
ImageList_SetBkColor
ImageList_SetDragCursorImage
CreateUpDownControl
ImageList_Copy
ImageList_SetOverlayImage
ImageList_Duplicate
FlatSB_ShowScrollBar

dsdmo

DllUnregisterServer
DllCanUnloadNow

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 305KB - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02e54fd60a714fb0db04147d2bb342c4

Headers

File Characteristics

Imports

user32

gdi32

kernel32

shlwapi

advapi32

shell32

oleaut32

version

wsock32

ole32

comctl32

dsdmo

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 305KB - Virtual size: 780KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 305KB - Virtual size: 780KB

.rsrc
Size: 3KB - Virtual size: 3KB