7733406df39a5ecd25d64a8e8dc4252da9084824090b3ffc05e917238d42983b

Sharing

Copy URL Twitter E-mail

General

Target

7733406df39a5ecd25d64a8e8dc4252da9084824090b3ffc05e917238d42983b
Size

93KB
MD5

6b7ee7df2e2677c1255d8639b0c0ffee
SHA1

960274ee5b00551c9fdb55e03d88819c4bb7bc14
SHA256

7733406df39a5ecd25d64a8e8dc4252da9084824090b3ffc05e917238d42983b
SHA512

6c29140c325d90a08f6b9f135f6df0de98275fbfc33150672d4ac95f373e16e1726d803bd19ca37176b5946ce1939899e0e3dd58f4953bf7b997227f9ad9ce6d
SSDEEP

1536:R2Czuy40MySCx4moYV5U86ju0ZVsIaSsx5lc8bQWsPu4sxdan:R2AxMPCx4m5VyBCSsbdQBLsjan

Score

N/A

Malware Config

Signatures

Files

7733406df39a5ecd25d64a8e8dc4252da9084824090b3ffc05e917238d42983b
.exe windows x86

2dd5e25c0d0a61b0c6930342e835995b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_strnicmp
__getmainargs
_except_handler3
calloc
free
strstr
getenv
_stricmp
_write
fopen
fread
__p__fmode
_acmdln
fputc
_XcptFilter
_exit
_initterm
__set_app_type
__setusermatherr
_adjust_fdiv
__p__commode

kernel32

CopyFileA
CreateFileMappingA
GetModuleFileNameW
IsBadReadPtr
WriteFile
GetUserDefaultLangID
GetDateFormatA
GetSystemTime
LocalFree
GetStartupInfoA
GetExitCodeProcess
GetPrivateProfileStringA
IsValidCodePage
CompareFileTime
WideCharToMultiByte
lstrcmpiW
GetProcAddress
GetFileAttributesW
IsDebuggerPresent
LoadLibraryExW
FreeLibrary
ReadFile
ExitProcess

gdi32

OffsetWindowOrgEx
GetPaletteEntries
MoveToEx
StartDocA
SetGraphicsMode
GetTextAlign
GetCurrentObject
GetDIBits
AddFontResourceA
GetCharWidthW
GetOutlineTextMetricsA
ExtTextOutW
SetMetaFileBitsEx
PlayMetaFile

user32

ReleaseCapture
TranslateMessage
DialogBoxParamA
OemToCharA
GetScrollInfo
ShowWindow

oleaut32

SafeArrayPtrOfIndex
CreateErrorInfo
SafeArrayGetUBound
SysAllocStringByteLen
SafeArrayCreate
LoadTypeLib
VariantCopy
SysFreeString
SysStringByteLen
SafeArrayGetElement

ole32

GetRunningObjectTable
CoGetClassObject
ReleaseStgMedium
CoDisconnectObject
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
CLSIDFromProgID
CoRegisterClassObject
CoFreeUnusedLibraries
CoInitializeEx
OleSetMenuDescriptor

advapi32

QueryServiceStatus
RegFlushKey
LookupPrivilegeValueA
IsValidSid
CheckTokenMembership
RegEnumKeyExW
GetTokenInformation
RegDeleteKeyA

comctl32

ImageList_LoadImageA
ImageList_SetDragCursorImage
ImageList_GetImageInfo
PropertySheetA
PropertySheetW

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2dd5e25c0d0a61b0c6930342e835995b

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

user32

oleaut32

ole32

advapi32

comctl32

Sections

.text Size: 52KB - Virtual size: 52KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 52KB - Virtual size: 52KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 16KB - Virtual size: 15KB