d09e33c21e1d5a1312a73e12726eec88f3f18382beb1aa76d4d81d9c78ff39dc

Sharing

Copy URL

Twitter E-mail

General

Target

d09e33c21e1d5a1312a73e12726eec88f3f18382beb1aa76d4d81d9c78ff39dc
Size

121KB
MD5

45677b574598817dbc2812980a1b1066
SHA1

7947d855d962dfa07727c7a76ab4d66334a5f4f4
SHA256

d09e33c21e1d5a1312a73e12726eec88f3f18382beb1aa76d4d81d9c78ff39dc
SHA512

4b99babe552741cd1ec44d2116f6eca7ca429dfb4ca023cbfa0f33439407e65ec809a5119b3182b09869a7a31e487a9052ceec75befd391c4d1a125248729f5b
SSDEEP

3072:cef+NsGvzKrWoUrEqMrGbvgVQJY9Sk01rkCoOBwISGn:F+KrWobS8PROCI

Score

N/A

Malware Config

Signatures

Files

d09e33c21e1d5a1312a73e12726eec88f3f18382beb1aa76d4d81d9c78ff39dc
.exe windows x86

c4ec1a656fc1adf7739ca2fe472a3606

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalFileTimeToFileTime
WideCharToMultiByte
GetConsoleMode
VirtualProtect
GetModuleHandleA
InterlockedCompareExchange
GetStringTypeW
GetEnvironmentStrings
GetStartupInfoA

msvcrt

_initterm
_itoa
_wfopen
strcat
_wcsupr
__set_app_type
__p__commode
__getmainargs
remove
_XcptFilter
_adjust_fdiv
_except_handler3
_filbuf
__setusermatherr
fprintf
_acmdln
__p__fmode
log
exit
_vsnprintf

user32

SetWindowPos
CharNextA
DrawTextA
SetPropA
UpdateWindow
GetSystemMenu
DestroyIcon
DestroyMenu

shell32

DragQueryFileW
FindExecutableW
ExtractIconA
SHGetFileInfoA
SHGetDiskFreeSpaceExW
SHChangeNotify
ExtractIconExW
SHGetSpecialFolderLocation
ExtractIconExA
SHCreateDirectoryExW

comctl32

CreatePropertySheetPageA
PropertySheetW
ImageList_GetIconSize
CreateStatusWindowA
ImageList_Write
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Draw
ImageList_Remove
InitCommonControlsEx
ImageList_Add
ImageList_DragShowNolock

gdi32

PlayMetaFile
GetDeviceCaps
TextOutA
LPtoDP
AddFontResourceA
GetBkMode
GetSystemPaletteEntries
SetTextColor
ArcTo
SetTextJustification
DeleteMetaFile
DeleteObject
SetTextAlign

oleaut32

VariantClear
SafeArrayGetUBound
SafeArrayPtrOfIndex
VariantCopy
SysReAllocStringLen
SysAllocStringByteLen
GetActiveObject
SysStringByteLen

advapi32

CryptReleaseContext
RegOpenKeyA
RegDeleteValueA
RevertToSelf
GetLengthSid
ControlService
CopySid
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
RegDeleteKeyA
OpenProcessToken
RegEnumKeyA

ole32

CoInitializeEx
GetRunningObjectTable
CLSIDFromString
RegisterDragDrop
CoRegisterMessageFilter
CreateItemMoniker

version

GetFileVersionInfoA
VerLanguageNameA
VerFindFileW
VerInstallFileW
VerQueryValueA

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4ec1a656fc1adf7739ca2fe472a3606

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

comctl32

gdi32

oleaut32

advapi32

ole32

version

Sections

.text Size: 52KB - Virtual size: 51KB

.data Size: 42KB - Virtual size: 41KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 52KB - Virtual size: 51KB

.data
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 26KB - Virtual size: 26KB