d765d7c9126c464553b320469c3e07b0b0ad7aaff11fecc18bbfbc0c20f82775

Sharing

Copy URL Twitter E-mail

General

Target

d765d7c9126c464553b320469c3e07b0b0ad7aaff11fecc18bbfbc0c20f82775
Size

105KB
MD5

f6e1317fb612243a5cac69869b86d910
SHA1

0cac445b0848c7d829bf83b975bea0e246f5d1c4
SHA256

d765d7c9126c464553b320469c3e07b0b0ad7aaff11fecc18bbfbc0c20f82775
SHA512

3ece0383f795939fb2013643428e77ba5834e7d3a9a737ed03fbd3bb92cd9631d6b7121d9bb12a816295580d4da4aff4fdf1d1e95cead9608a8bbd8b792defc3
SSDEEP

1536:90y1xNr+yVMomfXHWvD7XWI0rwE3WsL8jfOc+7KxftWpLlWpqxhy/JqHVADQxy:9HrXm/a/YrwE3Wr27Kxl4kMxPHqd

Score

N/A

Malware Config

Signatures

Files

d765d7c9126c464553b320469c3e07b0b0ad7aaff11fecc18bbfbc0c20f82775
.exe windows x86

26259a82dab14a4571b3027246a3ec1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_strnicmp
_XcptFilter
_except_handler3
strncpy
strlen
fclose
free
getenv
sqrt
__p__fmode
fread
memset
_exit
_adjust_fdiv
_initterm
__p__commode
_cexit
__getmainargs
_controlfp
abort
fprintf
__dllonexit
realloc
atoi
__p___initenv
__set_app_type
__setusermatherr
calloc

comdlg32

GetOpenFileNameA

kernel32

LocalFileTimeToFileTime
GetTimeZoneInformation
VirtualQuery
SetThreadLocale
OutputDebugStringA
GetTickCount
SetHandleCount
GetSystemTime
GetPrivateProfileStringA
VirtualProtectEx
lstrcmpiW
DeleteFileW
InterlockedIncrement
GetNumberFormatA
FreeEnvironmentStringsA
InterlockedExchange
VirtualAlloc

user32

DispatchMessageA
GetClassInfoA
UnregisterClassA
UnhookWindowsHookEx
GetWindowRect
OpenClipboard
IsWindowEnabled
OffsetRect
IsWindowVisible
ReleaseDC
SetDlgItemTextA
SetWindowPlacement
RemovePropA

comctl32

ImageList_GetIcon
ImageList_Create
CreateStatusWindowA
ImageList_BeginDrag
ImageList_AddMasked
PropertySheetW
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_GetIconSize
ImageList_SetDragCursorImage
ImageList_Read
ImageList_DragShowNolock

advapi32

CryptHashData
CryptReleaseContext
AllocateAndInitializeSid
OpenServiceW
AdjustTokenPrivileges
RegEnumKeyExA
CryptCreateHash
RegDeleteValueA
CheckTokenMembership
RegOpenKeyExW
CryptDestroyHash
RegQueryValueExA
SetSecurityDescriptorOwner

ole32

CoReleaseMarshalData
OleSetMenuDescriptor
StgCreateDocfileOnILockBytes
OleGetClipboard
CoInitializeSecurity
OleFlushClipboard
CoGetInterfaceAndReleaseStream

gdi32

LPtoDP
GetTextCharsetInfo
CreateDIBSection
PlayMetaFile
EnumFontFamiliesExW
GetTextMetricsW
PlayMetaFileRecord
AddFontResourceA
GetROP2
GetNearestColor
GetTextExtentPoint32A
GetCurrentObject
DeleteMetaFile
EndDoc
GetTextExtentPoint32W

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26259a82dab14a4571b3027246a3ec1e

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

comctl32

advapi32

ole32

gdi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 46KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 46KB

.rsrc
Size: 24KB - Virtual size: 23KB