936abc2113436bcf272ed553d7b8c4a6d5ecd9a452185f023cc329495008e16f

Sharing

Copy URL Twitter E-mail

General

Target

936abc2113436bcf272ed553d7b8c4a6d5ecd9a452185f023cc329495008e16f
Size

132KB
MD5

689bb7db489d2a241cbe942eb65906ec
SHA1

16c983c4e78c0bb0482aa0847e742f6156b52e85
SHA256

936abc2113436bcf272ed553d7b8c4a6d5ecd9a452185f023cc329495008e16f
SHA512

305ae1453e9aa999ab06220e67b4d9dca016cb5266de3d61dafcdd18b9f661a0fdf102d5593dc6c4b3ad8eea2d7bf4ed3e2fcccf5355164740a7e07fa3aad948
SSDEEP

3072:v4a2D9ULh6EXnB50XawSyDmnQe0VxYGGRN8uXAIKXUik:Qa30XhSyDmnlGEN8uXABU9

Score

N/A

Malware Config

Signatures

Files

936abc2113436bcf272ed553d7b8c4a6d5ecd9a452185f023cc329495008e16f
.exe windows x86

96740ede8e709d77275f3458b7f9d4b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_adjust_fdiv
_wfopen
__getmainargs
_mktemp
__p__commode
__p__fmode
_acmdln
__setusermatherr
fputs
__set_app_type
_except_handler3
_initterm
_fileno
_XcptFilter
log10
_controlfp
exit
wcsncpy

kernel32

GetSystemTimeAsFileTime
GetShortPathNameA
GetModuleHandleW
GetVersionExW
GetSystemDirectoryA
GetStartupInfoA
WaitForSingleObject
RtlUnwind
OutputDebugStringA
GetModuleHandleA
FileTimeToSystemTime
VirtualProtect

advapi32

OpenThreadToken
CryptDestroyHash
CopySid
RegCreateKeyExA
AddAccessAllowedAce
AdjustTokenPrivileges
CryptAcquireContextA
CloseServiceHandle
CheckTokenMembership
OpenSCManagerA
RegEnumKeyExA
RegQueryValueExA

shell32

SHBindToParent
SHGetPathFromIDListW
SHGetFolderLocation
CommandLineToArgvW
SHChangeNotify
ExtractAssociatedIconW
DragQueryFileA
SHGetSpecialFolderLocation
ShellExecuteExA
ShellExecuteA
SHGetSettings
SHGetFileInfoA

user32

TrackPopupMenu
GetSystemMenu
DialogBoxParamA
MessageBeep
GetMessagePos
EmptyClipboard
UpdateWindow
DrawIconEx
IsWindow
GetMenuItemID
LoadBitmapA

comctl32

ImageList_GetBkColor
ImageList_GetIcon
InitCommonControls
ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_Replace
ImageList_Create
ImageList_Add

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerInstallFileW
GetFileVersionInfoW
VerFindFileW
GetFileVersionInfoA
VerQueryValueW

ole32

CreateStreamOnHGlobal
RevokeDragDrop
CoInitializeSecurity
DoDragDrop
OleIsCurrentClipboard
CoInitializeEx
OleGetClipboard
CoTaskMemAlloc

oleaut32

SysReAllocStringLen
VariantCopyInd
SysStringByteLen
SysFreeString
SafeArrayUnaccessData
SysAllocStringByteLen
SysStringLen
SysAllocStringLen

gdi32

TranslateCharsetInfo
TextOutA
PlayEnhMetaFile
GetTextAlign
SetAbortProc
PolyDraw

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96740ede8e709d77275f3458b7f9d4b0

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

shell32

user32

comctl32

version

ole32

oleaut32

gdi32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 95KB - Virtual size: 95KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 95KB - Virtual size: 95KB