d1578466ab8117af6c2abc50992e8b6e1d12112b0bc42f746a0eedbb020e46a8

Sharing

Copy URL Twitter E-mail

General

Target

d1578466ab8117af6c2abc50992e8b6e1d12112b0bc42f746a0eedbb020e46a8
Size

90KB
MD5

f828dbcacc99ac5f6afd717be52a30f2
SHA1

8720a1287ee31e8a3923ddbb2379fe964bcb98df
SHA256

d1578466ab8117af6c2abc50992e8b6e1d12112b0bc42f746a0eedbb020e46a8
SHA512

feb23d4e52e1da658051bf570e6b8e39aaf7b4517782414f07e42f0919d98aedbbccb2be07a79c779bf7c79d7c2157a20f6915058014deee927bb519234d6ee6
SSDEEP

1536:nfAn/W74Qh+gH+qL3qskLim9PedZyQ/k/742u+owJ8THNFNzn0uNfESSppaBtUTk:nfT+qL3qskLgvZwJ8TtUu5QaBtUTk

Score

N/A

Malware Config

Signatures

Files

d1578466ab8117af6c2abc50992e8b6e1d12112b0bc42f746a0eedbb020e46a8
.exe windows x86

d48126c67eafd9695646fdba10de3cc3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
signal
_initterm
__getmainargs
fputs
strlen
__setusermatherr
_adjust_fdiv
__set_app_type
_except_handler3
calloc
__p__fmode
free
_errno
_acmdln
_exit
fread
_stricmp

kernel32

CreateProcessA
lstrcpyA
FreeLibrary
GetSystemDirectoryW
FreeEnvironmentStringsA
GetStartupInfoA
GetStartupInfoW
VirtualProtect
SetThreadLocale
GetProcAddress
GetModuleFileNameW
WriteFile
ReadFile
GetTempPathA
GlobalReAlloc
CreateProcessW
InterlockedDecrement
GetTimeZoneInformation
LoadLibraryExW
GetStringTypeA
IsDebuggerPresent
WaitForMultipleObjects
GetTempFileNameA
GetUserDefaultLangID

oleaut32

VariantCopy
SysAllocStringByteLen
SafeArrayPtrOfIndex
SafeArrayCreate
LoadTypeLib
SysStringLen
SafeArrayUnaccessData

ole32

CoLoadLibrary
StgOpenStorageOnILockBytes
OleGetClipboard
ProgIDFromCLSID
CoInitializeSecurity
OleRun
CoTaskMemRealloc
GetRunningObjectTable
CoTaskMemFree
OleUninitialize
CoRevokeClassObject

advapi32

OpenSCManagerW
InitiateSystemShutdownA
CryptAcquireContextA
AllocateAndInitializeSid
RevertToSelf
RegEnumKeyExW
OpenServiceW
RegOpenKeyExW
RegDeleteValueW
CryptReleaseContext
SetSecurityDescriptorDacl
RegQueryInfoKeyA
FreeSid
LookupPrivilegeValueW
RegDeleteKeyA
InitializeAcl
RegEnumValueA
CryptHashData
RegQueryValueA

comctl32

ImageList_LoadImageA
ImageList_SetIconSize
CreateToolbarEx
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Create
PropertySheetW
InitCommonControls
ImageList_SetDragCursorImage

gdi32

DeleteObject
CreateHalftonePalette
EnumFontFamiliesExA
PolyDraw
CreatePatternBrush
GetTextExtentExPointW
CreateDIBPatternBrushPt
ArcTo
SetBkColor

user32

LoadStringA
SetTimer
GetClientRect
DestroyCursor
GetKeyboardType
InsertMenuItemA
WindowFromPoint
SetClassLongA
GetMessagePos
CharNextA

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d48126c67eafd9695646fdba10de3cc3

Headers

File Characteristics

Imports

msvcrt

kernel32

oleaut32

ole32

advapi32

comctl32

gdi32

user32

Sections

.text Size: 50KB - Virtual size: 49KB

.data Size: 23KB - Virtual size: 22KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 50KB - Virtual size: 49KB

.data
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 16KB - Virtual size: 15KB