c8491e40c37922f4dc467d8b29429223663c7004cd366c62a7ea2466fb68d189

Sharing

Copy URL

Twitter E-mail

General

Target

c8491e40c37922f4dc467d8b29429223663c7004cd366c62a7ea2466fb68d189
Size

105KB
MD5

4efd7908b61e03c6911cdd5110605a85
SHA1

2c7911d6fd862643fa89992b6372c0c497296d3e
SHA256

c8491e40c37922f4dc467d8b29429223663c7004cd366c62a7ea2466fb68d189
SHA512

07611ebac892a431aa5b1de466196d67fadc29b7983052c16cde591a7cc4b8507621e5d132d362e7dc8c1e91a6edeadb0e6811a52879ca1530b65f09435ae6dd
SSDEEP

3072:lEEKGMeDEGwdmdJ0ZjHRmp+PnzbZYmbZB:FKGXDEGwdWJ0ZjHRI+PnzbSsZ

Score

N/A

Malware Config

Signatures

Files

c8491e40c37922f4dc467d8b29429223663c7004cd366c62a7ea2466fb68d189
.exe windows x86

83e56d6f3eba54abd6284fed4b0018fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetTempFileNameA
VirtualQuery
GetVersionExW
DisableThreadLibraryCalls
SetFileTime
GetExitCodeProcess
GetModuleHandleA
MoveFileA
VirtualFree
GetConsoleMode
FreeEnvironmentStringsA
GetStartupInfoA
IsDebuggerPresent
DeleteFileW
VirtualProtect
CopyFileA
FileTimeToLocalFileTime

user32

DefWindowProcA
SetPropA
ReleaseCapture
SetClassLongA
GetSysColor
CheckMenuItem
GetWindowTextA
LoadCursorA
CreateMenu

msvcrt

_ultoa
sqrt
_acmdln
_XcptFilter
__set_app_type
__setusermatherr
_initterm
_amsg_exit
__p__fmode
exit
_except_handler3
__getmainargs
__CxxFrameHandler
memcpy
_adjust_fdiv
__p__commode

oleaut32

SafeArrayPtrOfIndex
CreateErrorInfo
LoadTypeLib
SafeArrayCreate
SafeArrayPutElement

comctl32

ImageList_LoadImageW
ImageList_EndDrag
ImageList_SetImageCount
ImageList_SetDragCursorImage
ImageList_DragEnter
InitializeFlatSB
ImageList_SetIconSize
ImageList_Destroy
ImageList_GetIconSize

advapi32

SetSecurityDescriptorGroup
CryptGenRandom
CryptCreateHash
CryptReleaseContext
RegQueryInfoKeyA
AddAccessAllowedAce
GetLengthSid
RegOpenKeyExW
EqualSid
InitializeSecurityDescriptor
OpenProcessToken
ControlService

shell32

SHGetSettings
DoEnvironmentSubstW
DragQueryFileA
SHGetFileInfo
SHCreateDirectoryExW
ExtractAssociatedIconW
DragQueryFile
DragQueryFileW
SHFileOperationW
Shell_NotifyIconA

ole32

CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
GetRunningObjectTable
PropVariantClear
CreateILockBytesOnHGlobal
OleInitialize
RegisterDragDrop
StringFromCLSID

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83e56d6f3eba54abd6284fed4b0018fa

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

oleaut32

comctl32

advapi32

shell32

ole32

Sections

.text Size: 75KB - Virtual size: 74KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 75KB - Virtual size: 74KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB