219c3339ecd0f5a4ad2174ca14f5b34092dbbc85e485ea529f6e94ecccbfb3bf

Sharing

Copy URL Twitter E-mail

General

Target

219c3339ecd0f5a4ad2174ca14f5b34092dbbc85e485ea529f6e94ecccbfb3bf
Size

125KB
MD5

9074d9aef799f77119e9cbb200be8c00
SHA1

13c087b9ed30677d8517f3619bdde59c5676ef7d
SHA256

219c3339ecd0f5a4ad2174ca14f5b34092dbbc85e485ea529f6e94ecccbfb3bf
SHA512

def1150fd5242ac428cc69f35ab2875f27364c07b65173b71dc601f88a52aca1512a00c40a093d45fa333d7ee8bddad07bf9451bbc5797da2ed800977950fbf7
SSDEEP

3072:X95LuTJCcq29kVqO0Buaq0rVAzvhXke8ebgKtBDn:NWwqOpavahn8WgKH

Score

N/A

Malware Config

Signatures

Files

219c3339ecd0f5a4ad2174ca14f5b34092dbbc85e485ea529f6e94ecccbfb3bf
.exe windows x86

306446bab036da640b8c2ed3d65cd0eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

exit
__setusermatherr
sin
_adjust_fdiv
_fstat
_acmdln
_except_handler3
_itoa
log
__p__commode
_mbscmp
__set_app_type
_filbuf
wcsstr
fprintf
fgetpos
__getmainargs
_XcptFilter
ceil
_initterm
wcslen
getenv
__p__fmode
_controlfp

kernel32

GetShortPathNameA
GetStartupInfoA
VirtualAlloc
GetLocaleInfoW
FreeEnvironmentStringsW
VirtualQuery
VirtualProtect
GetEnvironmentStringsW
WriteConsoleA
GetModuleHandleA
FormatMessageA
GetVersion

advapi32

OpenThreadToken
OpenServiceW
CryptGenRandom
QueryServiceStatus
CryptAcquireContextA
RegOpenKeyExA
GetTokenInformation
CryptHashData
RegCreateKeyExW
RegQueryInfoKeyW
CryptCreateHash
RegOpenKeyW

oleaut32

SafeArrayPtrOfIndex
VariantCopy
SafeArrayCreate
SetErrorInfo
VariantInit
SafeArrayRedim
SysFreeString
SysAllocStringLen
SafeArrayUnaccessData
VariantCopyInd
LoadTypeLib
SafeArrayGetUBound

gdi32

Chord
GetBrushOrgEx
StartPage
SetStretchBltMode
SetWindowExtEx
EnumFontFamiliesW
GetDIBColorTable
SetROP2
GetCharacterPlacementA
SetBkMode

shell32

ExtractIconA
ShellExecuteEx
SHChangeNotify
SHGetPathFromIDListA
ShellExecuteA
DragQueryFile

ole32

StgOpenStorage
StringFromIID
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
OleGetClipboard
OleSetClipboard
CreateStreamOnHGlobal
OleUninitialize
RevokeDragDrop

user32

RegisterClipboardFormatA
GetKeyState
EmptyClipboard
GetWindowTextA
SetForegroundWindow
DrawTextA
EnableWindow
InsertMenuItemA
ScreenToClient
IsWindow

comctl32

PropertySheetA
ImageList_BeginDrag
ImageList_Draw
ImageList_GetIcon
ImageList_DragLeave

version

GetFileVersionInfoA
VerInstallFileW
GetFileVersionInfoSizeW
VerInstallFileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

306446bab036da640b8c2ed3d65cd0eb

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

oleaut32

gdi32

shell32

ole32

user32

comctl32

version

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 89KB - Virtual size: 117KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 89KB - Virtual size: 117KB