a436f3befb37ef55e376d4bf4610c95a70b1de24e7a72b2ea379adee584711b3

General

Target

a436f3befb37ef55e376d4bf4610c95a70b1de24e7a72b2ea379adee584711b3
Size

102KB
MD5

65e3ac490ee094f98ae30eb3a280ca9b
SHA1

6313b8da1104548cc5a4163dbb1b166e2515142c
SHA256

a436f3befb37ef55e376d4bf4610c95a70b1de24e7a72b2ea379adee584711b3
SHA512

4f63ed927b45bf34ea74c9c0a10cc66d8fdce65e18202e3d82f061d1aba9b03cc52117379b011e93c0cfda5a2d4ee4366f07e60a8248fa334ec5c5a9587f2707
SSDEEP

3072:FrEFkyvAeQzFMKcHeHn0nAAe567cEtwgh:FwvRn9Hed671twg

Score

N/A

Malware Config

Signatures

Files

a436f3befb37ef55e376d4bf4610c95a70b1de24e7a72b2ea379adee584711b3
.exe windows x86

6464e6f60743313fcd2440994f683152

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetModuleHandleA
GetCurrentProcess
EnterCriticalSection
FreeResource
GetEnvironmentStrings
LocalReAlloc
ExitProcess
MulDiv
GetThreadLocale
MoveFileA
GetProcAddress
GetOEMCP
lstrcpyA
VirtualAllocEx
SetLastError
ExitThread
CreateThread
LoadLibraryA
lstrlenA

msvcrt

memmove
strcmp
memcpy
swprintf
sprintf
strncmp
wcstol
wcschr
rand
fabs
malloc
calloc
log
wcsncmp

user32

GetWindow
SystemParametersInfoA
DrawFrameControl
GetClipboardData
GetMenu
GetClientRect
GetCursorPos
EqualRect
EnableWindow
DeferWindowPos
EndDeferWindowPos
CreatePopupMenu
GetIconInfo
GetFocus
GetDesktopWindow
SetWindowPos
DrawMenuBar
IsChild
IsMenu
FindWindowA
ShowScrollBar
IsDialogMessageA
DrawIcon
CharLowerBuffA
GetScrollRange
EnumThreadWindows
EnumWindows

advapi32

RegEnumValueA

version

VerFindFileA
VerInstallFileA

comctl32

ImageList_Draw
ImageList_Create
ImageList_Remove
ImageList_DrawEx
ImageList_Read
ImageList_Destroy
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_Add

Sections

.CODE
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6464e6f60743313fcd2440994f683152

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

version

comctl32

Sections

.CODE Size: 49KB - Virtual size: 49KB

INIT Size: 50KB - Virtual size: 49KB

.rdata Size: 2KB - Virtual size: 1KB

.CODE
Size: 49KB - Virtual size: 49KB

INIT
Size: 50KB - Virtual size: 49KB

.rdata
Size: 2KB - Virtual size: 1KB