528f50560036613d0db1f73749af6889fcf360e33d51d5986f31e089cc9e33a0

Sharing

Copy URL Twitter E-mail

General

Target

528f50560036613d0db1f73749af6889fcf360e33d51d5986f31e089cc9e33a0
Size

152KB
MD5

1e09d592f899ced23ae777ac548bfe60
SHA1

0215f2f9b4b25b06aab54ad297781f47ad1e1fd0
SHA256

528f50560036613d0db1f73749af6889fcf360e33d51d5986f31e089cc9e33a0
SHA512

e873d58314cdd8e35ee150862f0589cb1c44939909b6b28a27e22cca66f788bf4c22c7183906b9ff6d0dbdaa9668d81648e3f81688c50f82b18eb6e0610b4cd2
SSDEEP

3072:wIPkSU0LMJSpomMjs4dqcZ+lYMbZE+vlFEPbB91CD74gjYgb7N:wIkSUBJSEr0cZ+6MVEwb291k3

Score

N/A

Malware Config

Signatures

Files

528f50560036613d0db1f73749af6889fcf360e33d51d5986f31e089cc9e33a0
.exe windows x86

ce068cb89de0f04a7a581f15c2c08b49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
VerInstallFileA
GetFileVersionInfoA

advapi32

RegOpenKeyA
RegEnumValueA
RegQueryValueExA
RegLoadKeyA

user32

IsWindowVisible
GetDlgItem
EnableScrollBar
GetWindow
DrawIconEx
GetCursor
DeferWindowPos
GetFocus
GetMenuItemID
MessageBoxA
IsWindowEnabled
GetForegroundWindow
EnumWindows
IsChild
DispatchMessageA
GetWindowTextA
GetMenuItemInfoA
GetDesktopWindow
GetIconInfo
DispatchMessageW
GetClipboardData
GetPropA
EnumThreadWindows
SystemParametersInfoA
DrawFrameControl
CreatePopupMenu
GetSysColor
IsDialogMessageA
ShowScrollBar
GetCursorPos
GetMessagePos
EnableWindow

shlwapi

PathFileExistsA
StrStrA
StrCmpCA
SHGetValueA
StrCatBuffA
SHQueryInfoKeyA
StrDupA
StrRChrA
SHEnumValueA

kernel32

lstrcmpiA
GetCommandLineA
MoveFileA
ReadFile
GetStringTypeW
GetCurrentProcess
LocalReAlloc
GetVersion
GetProcessHeap
GlobalFindAtomA
LocalFree
CreateFileA
LoadLibraryExA
FreeResource
GetLocaleInfoA
GetCurrentProcessId
SetHandleCount
FindClose
GetFileType
GetCurrentThreadId
InitializeCriticalSection
GetCPInfo
GetFullPathNameA
GetThreadLocale
GetVersionExA
CreateEventA
lstrlenA
GetTickCount
LocalAlloc
GlobalDeleteAtom
EnterCriticalSection
GetACP
GetSystemDefaultLangID
SetFilePointer
GetModuleFileNameA
LoadResource
GetCurrentThread
ExitProcess
lstrcpynA
VirtualAlloc
RaiseException
GetOEMCP
VirtualQuery

shell32

SHDefExtractIconA
DragQueryFileA
SHGetDiskFreeSpaceA
SHGetFolderPathA
SHFileOperationA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 132KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ce068cb89de0f04a7a581f15c2c08b49

Headers

File Characteristics

Imports

version

advapi32

user32

shlwapi

kernel32

shell32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 2KB

DATA Size: 132KB - Virtual size: 239KB

.init Size: 5KB - Virtual size: 5KB

.bss Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 2KB

DATA
Size: 132KB - Virtual size: 239KB

.init
Size: 5KB - Virtual size: 5KB

.bss
Size: 1KB - Virtual size: 1KB