d1227b38d94d4b98d9ddd09af9ff392e319346b126a0e6bbd27fd9b777cda5c9

Sharing

Copy URL

Twitter E-mail

General

Target

d1227b38d94d4b98d9ddd09af9ff392e319346b126a0e6bbd27fd9b777cda5c9
Size

109KB
MD5

6fc0a56b759a109eab5244b2bbfde777
SHA1

3618f641315eb7424ea3f252186924cd642e7ae7
SHA256

d1227b38d94d4b98d9ddd09af9ff392e319346b126a0e6bbd27fd9b777cda5c9
SHA512

36cc12ea5f49880ec78241293166cf6e6e8398680d3174e2b3d1ec2fe8655ed76fa091dd1430e7a313a99e76cde54a7214101ec26a515a55751ba66ed5fe02d4
SSDEEP

1536:Y7xsOUcq0lfILtfplMdRC2dlyQ88OqXlvxIZKhWQaQDDkY7lpMN7P:YOH0lARfplERCuV88OApIwaQDY4MN

Score

N/A

Malware Config

Signatures

Files

d1227b38d94d4b98d9ddd09af9ff392e319346b126a0e6bbd27fd9b777cda5c9
.exe windows x86

e3a9c53312f1e287897f255c067864ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

remove
_errno
_initterm
fread
fclose
strcmp
strcpy
__set_app_type
fwrite
free
__dllonexit
__p__fmode
_adjust_fdiv
strlen
__setusermatherr
malloc
_exit
_acmdln
_setmode
printf
fprintf
_onexit
fopen
__getmainargs
__p__commode
exit
_except_handler3
__p__environ
_XcptFilter
fseek

kernel32

SetUnhandledExceptionFilter
SetFilePointer
GetVersionExW
GetConsoleMode
lstrcmpA
GetProcAddress
SetThreadLocale
LoadLibraryA
lstrcatA
GetACP
GetModuleHandleW
RemoveDirectoryA
GetStartupInfoA

gdi32

GetTextCharsetInfo
SelectClipRgn
DPtoLP
DeleteMetaFile
CloseEnhMetaFile
ExtCreatePen
CreateRoundRectRgn
SetMetaFileBitsEx
GetStockObject
RectVisible
OffsetViewportOrgEx
SetGraphicsMode
GetBkMode
GetCurrentPositionEx

user32

CreateWindowExA
SetForegroundWindow
CallNextHookEx
WindowFromPoint
RegisterClassA
LoadStringA
SetWindowsHookExA
MapWindowPoints
ScreenToClient

oleaut32

VariantClear
SysAllocStringLen
SafeArrayRedim
SysAllocStringByteLen
SafeArrayGetElement
SafeArrayCreate
SetErrorInfo
VariantCopy
SafeArrayUnaccessData

comctl32

ImageList_DragEnter
ImageList_Add
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_SetOverlayImage
ImageList_GetBkColor
PropertySheetW
ImageList_Destroy
ImageList_AddMasked
ImageList_Write
ImageList_Remove
ImageList_GetIconSize
ImageList_Draw

advapi32

OpenServiceW
RegEnumKeyExA
RegCreateKeyA
AllocateAndInitializeSid
CryptDestroyHash
CryptReleaseContext
CopySid

ole32

OleSetMenuDescriptor
IsEqualGUID
CLSIDFromProgID
CoCreateGuid
OleFlushClipboard
StringFromIID
DoDragDrop
IIDFromString
OleSetClipboard

shell32

Shell_NotifyIconW
ExtractIconA
SHCreateDirectoryExW

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3a9c53312f1e287897f255c067864ae

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

user32

oleaut32

comctl32

advapi32

ole32

shell32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 42KB - Virtual size: 61KB

.rsrc Size: 61KB - Virtual size: 61KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 42KB - Virtual size: 61KB

.rsrc
Size: 61KB - Virtual size: 61KB