b97db7186a83cb2b0eb64feb6fb64f1ee1598c4d67a651f765ccee44ca9cd7b3

Sharing

Copy URL

Twitter E-mail

General

Target

b97db7186a83cb2b0eb64feb6fb64f1ee1598c4d67a651f765ccee44ca9cd7b3
Size

280KB
MD5

f320f00d07083fde93f76cfc0b0ce304
SHA1

75101b06fec6f5414a4b1b1adfa32528919ef879
SHA256

b97db7186a83cb2b0eb64feb6fb64f1ee1598c4d67a651f765ccee44ca9cd7b3
SHA512

690e13e03c17b0736d5300ca4ae13e2b240355fdd58784180aa5f028ae839b1b72c2700f67f2b2819cc0d48b775e298675d6b979258975dda232053c29f9e4f7
SSDEEP

6144:Hv8Kp+fj7SObQm/PEVwLP0pNa7hTr2SbY912/b1cAUlEL:HEKKLQm/s48pNgprVbY9Ebms

Score

N/A

Malware Config

Signatures

Files

b97db7186a83cb2b0eb64feb6fb64f1ee1598c4d67a651f765ccee44ca9cd7b3
.exe windows x86

f6972afe780322ede0f49a22741223e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocStringByteLen
GetErrorInfo
LoadTypeLi
SafeArrayDestroy
SafeArrayUnlock
VariantClear
SafeArrayGetVartype
SysStringLen
SysStringByteLen
VariantInit
SysAllocStringLen
VarBstrCat
RegisterTypeLi
SysAllocString
LoadRegTypeLi
SafeArrayGetUBound
SysFreeString
SafeArrayLock
SafeArrayGetLBound
VarBstrCmp
UnRegisterTypeLi

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

ole32

CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance
StringFromCLSID
CoCreateFreeThreadedMarshaler

user32

CharNextW
GetDC
GetDlgItemTextW
GetMessageA
GetMenuInfo
InsertMenuItemA
DefWindowProcW
RegisterClassA
PostMessageW
SetMenu
LoadBitmapW
CreateDialogIndirectParamW
LoadIconA
ShowCaret
CharPrevA
CharLowerA
PeekMessageA
LoadIconW
RemoveMenu

shlwapi

PathIsURLW
PathRemoveFileSpecW
PathIsRelativeW
PathFileExistsW
PathStripToRootW
PathRemoveExtensionW
PathFindFileNameW
PathCombineW
PathFindExtensionW
PathRenameExtensionW
PathCanonicalizeW

kernel32

FindResourceW
HeapDestroy
UnhandledExceptionFilter
LockResource
GlobalSize
IsDBCSLeadByteEx
GlobalLock
GetProcessHeap
GlobalUnlock
DeleteFileW
OutputDebugStringW
GlobalFree
IsProcessorFeaturePresent
GetFileSize
CloseHandle
GetCurrentDirectoryW
CreateFileW
FindResourceExW
DeleteCriticalSection
GetTempFileNameW
GlobalReAlloc
lstrlenW
IsDebuggerPresent
GlobalAlloc
LoadResource
HeapAlloc
GetCurrentThreadId
GetThreadLocale
FreeLibrary
SwitchToThread
HeapFree
GetSystemTimeAsFileTime
LeaveCriticalSection
GetFullPathNameW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
HeapReAlloc
EnterCriticalSection
GetModuleHandleW
ReadFile
HeapSize
SizeofResource
CopyFileW
RaiseException
SetThreadLocale
VirtualAlloc

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

gdi32

GetClipBox

rpcns4

RpcNsBindingImportDone
I_RpcNsGetBuffer
RpcNsGroupMbrInqNextW
RpcIfIdVectorFree
RpcNsProfileEltInqDone
RpcNsBindingImportBeginA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6972afe780322ede0f49a22741223e2

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shlwapi

kernel32

version

gdi32

rpcns4

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 252KB - Virtual size: 311KB

.rdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 252KB - Virtual size: 311KB

.rdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB