d8a13e0b197495439919a02c760fb70b81d1a5b54abd8cace9d5ca57f522cd1f

Sharing

Copy URL Twitter E-mail

General

Target

d8a13e0b197495439919a02c760fb70b81d1a5b54abd8cace9d5ca57f522cd1f
Size

98KB
MD5

fa852363fe25744e614e9a46a849cb9a
SHA1

7cffb24fa13096e2b1e7b18939a763a8c63a14de
SHA256

d8a13e0b197495439919a02c760fb70b81d1a5b54abd8cace9d5ca57f522cd1f
SHA512

ba51b37fef0a2ac9d0031c08ece2597bcb5d4d0cb23e10d8995439c8be2002e14aeedc60971b9204b54f01315f2e34446cc33efc6233439805ab12219fc4d0b0
SSDEEP

3072:6jezokXKXHQksC8TuWKBVdc/Ursxw23bFhA1R9WC:6jezwXJEundQSh23Jq1l

Score

N/A

Malware Config

Signatures

Files

d8a13e0b197495439919a02c760fb70b81d1a5b54abd8cace9d5ca57f522cd1f
.exe windows x86

2453d1fe9baacc6d01a3c780cf11c593

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
strncmp
_except_handler3
sqrt
atoi
memcpy
__getmainargs
fclose
__setusermatherr
__p__environ
_exit
_initterm
_cexit
strstr
_acmdln
__set_app_type
__p__commode
memmove
__p__fmode
_adjust_fdiv
calloc
_vsnprintf
strcpy
exit

comdlg32

GetOpenFileNameA

kernel32

VirtualFree
TerminateProcess
CreateProcessW
GetModuleFileNameA
GlobalReAlloc
GetSystemDirectoryA
DeleteFileA
GetLocalTime
InterlockedIncrement
LCMapStringA
FileTimeToLocalFileTime
QueryPerformanceCounter
GetNumberFormatA
lstrcmpiW
UnhandledExceptionFilter
GetStartupInfoA

user32

GetMenuState
BeginPaint
EnableMenuItem
CloseClipboard
SetDlgItemTextA
GetDlgItem
SetClassLongA
SetCapture
GetSysColor
GetScrollPos
PostQuitMessage
GetScrollInfo
SetScrollRange
WaitMessage
AdjustWindowRectEx

ole32

IIDFromString
CoInitialize
CoInitializeEx
IsAccelerator
ReleaseStgMedium
PropVariantClear
CoInitializeSecurity

gdi32

MaskBlt
CreatePenIndirect
CreateICW
Pie
GetBkColor
GetTextAlign
GetPixel
StrokeAndFillPath
LPtoDP
GetTextMetricsA
SetEnhMetaFileBits
GetEnhMetaFileDescriptionA
AddFontResourceA

advapi32

RegDeleteKeyW
RegOpenKeyExW
SetSecurityDescriptorDacl
RegDeleteValueA
FreeSid
OpenThreadToken
AdjustTokenPrivileges
DeregisterEventSource
OpenSCManagerW
RegQueryInfoKeyW
OpenServiceA
InitializeAcl
CloseServiceHandle
RevertToSelf

comctl32

ImageList_BeginDrag
ImageList_SetIconSize
ImageList_SetOverlayImage
ImageList_GetIcon
ImageList_GetIconSize
PropertySheetW
ImageList_DragLeave
ImageList_SetImageCount
DestroyPropertySheetPage
ImageList_Destroy
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_AddMasked
CreatePropertySheetPageA
CreateToolbarEx
ImageList_LoadImageW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2453d1fe9baacc6d01a3c780cf11c593

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

ole32

gdi32

advapi32

comctl32

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 9KB - Virtual size: 45KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 9KB - Virtual size: 45KB

.rsrc
Size: 19KB - Virtual size: 18KB