87a670d5df584b7fa89dc670dc27e28b9ec02be5515bedd6ea56c609f6fb7dfc

Sharing

Copy URL Twitter E-mail

General

Target

87a670d5df584b7fa89dc670dc27e28b9ec02be5515bedd6ea56c609f6fb7dfc
Size

65KB
MD5

97643d0ee740bd34a324ebf75d43b1a8
SHA1

ce28148d3866ce0bbb9f0cfe34749a4902639eac
SHA256

87a670d5df584b7fa89dc670dc27e28b9ec02be5515bedd6ea56c609f6fb7dfc
SHA512

2bc9909782f003e7dc9eb3738ccbcd5ccd16abf61317f3ce443740b3690ba66ae23428034783095f7798fae7b6d003d58d715f4acc713a5dbe8df408dddd87c2
SSDEEP

1536:LNKHWMQ14SFSEy2lLYuyshS7tnbr2uqQ1e3DU/9lJV8K:+WJ14SFfyMLYKSVqxDcl5

Score

N/A

Malware Config

Signatures

Files

87a670d5df584b7fa89dc670dc27e28b9ec02be5515bedd6ea56c609f6fb7dfc
.exe windows x86

7346577445516ad3e97d77238515bc17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsURLW
PathFindFileNameW
StrDupW
StrCatBuffW
PathRemoveFileSpecA
PathSkipRootW
PathIsRootW
StrChrW
StrToIntW
StrToIntExW
SHDeleteValueA
PathFindExtensionW
SHStrDupW
PathFindExtensionA
StrCpyW
PathRemoveFileSpecW
StrRetToBufW
SHSetValueW
PathIsUNCW
PathGetDriveNumberW
StrCmpW
PathRemoveBlanksW
SHGetValueW
PathFileExistsW
StrCmpNIA
PathAppendA
UrlCanonicalizeW
StrCatW
PathRemoveBackslashW

msvcrt

_wsplitpath
strrchr
_CIpow
_unlock
_ltoa
wcsstr
_wfopen
_ultow
iswalpha
wcsncat
srand
_ftol
_c_exit
__set_app_type
_snprintf
fread
fflush
__initenv
__p__commode
isalnum
strstr
isdigit
iswspace
__setusermatherr
__p__fmode
_vsnprintf
fprintf
memset

kernel32

GetCurrentProcessId
SetEndOfFile
LeaveCriticalSection
GetConsoleOutputCP
ExitProcess
GetCommandLineA
lstrcpynA
InitializeCriticalSectionAndSpinCount
ResetEvent
GetCurrentThreadId
GetFileAttributesW
GetModuleFileNameA
DeleteFileW
CreateFileW
VirtualFree
lstrcpynW
GetThreadLocale
WriteFile
QueryPerformanceCounter
TlsSetValue
GetFileType
CompareStringW
GetCurrentThread
GetProcessHeap
HeapAlloc
lstrcmpW
VirtualQuery
CreateEventW
LoadLibraryW
FindResourceA
DeleteFileA
CreateMutexA
GetStringTypeW
SetErrorMode
VirtualAlloc
lstrcatA
DisableThreadLibraryCalls
GetExitCodeThread
lstrcatW
HeapReAlloc
GetSystemDirectoryA
SetStdHandle
SystemTimeToFileTime
GetStringTypeA
lstrcmpA

ole32

CreateILockBytesOnHGlobal
ReadFmtUserTypeStg
CoSetProxyBlanket
OleRun
PropVariantClear
CoInitializeSecurity
OleLoadFromStream
IIDFromString
ProgIDFromCLSID
PropVariantCopy
OleRegGetUserType
CoUnmarshalInterface
CoFreeUnusedLibraries
MkParseDisplayName
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoMarshalInterface
StgOpenStorage
CoCreateGuid
CreateOleAdviseHolder
GetRunningObjectTable
StgCreateDocfileOnILockBytes
OleSaveToStream
GetHGlobalFromStream
CreateBindCtx
CoRevokeClassObject
OleUninitialize
OleRegGetMiscStatus
StringFromCLSID

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerQueryValueA

ntdll

RtlSetSaclSecurityDescriptor
RtlRaiseStatus
RtlValidSid
RtlInitializeCriticalSection
RtlAddAccessAllowedAce
RtlSetDaclSecurityDescriptor
NtCreateSection
NtAdjustPrivilegesToken
NtDeleteValueKey
NtQueryVolumeInformationFile
NtCancelIoFile
RtlAcquireResourceShared
RtlSystemTimeToLocalTime
RtlUpcaseUnicodeChar
memmove
NlsMbCodePageTag
DbgBreakPoint
NlsMbOemCodePageTag
DbgPrint
RtlOpenCurrentUser
RtlAppendUnicodeStringToString

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 486B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7346577445516ad3e97d77238515bc17

Headers

File Characteristics

Imports

shlwapi

msvcrt

kernel32

ole32

version

ntdll

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 24KB - Virtual size: 84KB

.idata Size: 21KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 486B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 24KB - Virtual size: 84KB

.idata
Size: 21KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 486B