cde1655ceb599b8e56be8ff88ad3807a74a1589678891b3c4bb6e7a234882436

Sharing

Copy URL Twitter E-mail

General

Target

cde1655ceb599b8e56be8ff88ad3807a74a1589678891b3c4bb6e7a234882436
Size

83KB
MD5

1b64090cf39e177ac7b6309da2eb940c
SHA1

143139cfb3f8d3f31fe5dbf6a0dd0ebb51606ba4
SHA256

cde1655ceb599b8e56be8ff88ad3807a74a1589678891b3c4bb6e7a234882436
SHA512

c24d6d08e3dfd5430556f1ac4952ee9498a1cd15b74d06fa9aa88098652f89d05fbb3d79b9f8823d7561834820731143e2807baf5a7429bd5752a6ca56ac8938
SSDEEP

1536:WAgMLW1qaPaUNZ8WsZRYBUVRCS2x1W44D08QGCNG1n/xQ:WAJorPaUNZ7s944DnANG1n/xQ

Score

N/A

Malware Config

Signatures

Files

cde1655ceb599b8e56be8ff88ad3807a74a1589678891b3c4bb6e7a234882436
.exe windows x86

2cb67f7e81e44025fc8492f604efc5f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_initterm
fread
strcpy
calloc
__p___initenv
_XcptFilter
__getmainargs
memset
_adjust_fdiv
__p__environ
__setusermatherr
realloc
__p__commode
_exit
__set_app_type
strchr
sprintf
_except_handler3
free
_controlfp
__p__fmode
abort

kernel32

GetProcAddress
GetStdHandle
SetThreadLocale
GetPrivateProfileStringA
VirtualProtect
GetModuleHandleW
GetCurrentProcess
GetProcessHeap
LCMapStringA
VirtualProtectEx
GetWindowsDirectoryA
GetStringTypeW
GetDiskFreeSpaceA
lstrlenW
GlobalAlloc
CreateProcessW
GetCommandLineW
LocalFileTimeToFileTime
WriteConsoleA

gdi32

OffsetClipRgn
SetMetaFileBitsEx
ExtCreateRegion
SetBkMode
SetGraphicsMode
InvertRgn
RectVisible
SetDIBitsToDevice
DPtoLP
GetTextFaceW
Rectangle
SetWorldTransform
GetNearestPaletteIndex
Escape
GetCharacterPlacementA
GetViewportOrgEx
SetViewportExtEx

comctl32

ImageList_Create
ImageList_SetIconSize
ImageList_SetOverlayImage
ImageList_Draw
ImageList_LoadImageW
ImageList_EndDrag
InitCommonControls
ImageList_DrawEx
ImageList_SetBkColor

advapi32

LookupPrivilegeValueA
OpenSCManagerW
RegCreateKeyExA
RegQueryValueExA
AdjustTokenPrivileges
RevertToSelf
RegDeleteKeyW
ControlService
RegQueryValueA
RegQueryValueExW
SetSecurityDescriptorGroup
RegQueryInfoKeyA
CryptDestroyHash

user32

InsertMenuItemA
DestroyWindow
FillRect
PeekMessageA
SetWindowTextA
WaitMessage
IntersectRect
SetForegroundWindow
CreateMenu
InflateRect
GetMenuStringA
TranslateMessage
SetWindowsHookExA
UnhookWindowsHookEx
SetPropA
GetDCEx
MessageBeep
GetWindowTextA

ole32

CoTaskMemFree
OleFlushClipboard
CoRevokeClassObject
GetRunningObjectTable
OleDraw
StringFromIID
ReleaseStgMedium
PropVariantClear
CoRegisterClassObject
DoDragDrop
StringFromGUID2
OleGetClipboard
OleSetMenuDescriptor

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2cb67f7e81e44025fc8492f604efc5f2

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

comctl32

advapi32

user32

ole32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 62KB

.rsrc Size: 4KB - Virtual size: 76KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 62KB

.rsrc
Size: 4KB - Virtual size: 76KB