b2a8ad45fd9abc1d5143b2dc0d458dc57091d5125b670a5ea751c6ee4191f51b

Sharing

Copy URL

Twitter E-mail

General

Target

b2a8ad45fd9abc1d5143b2dc0d458dc57091d5125b670a5ea751c6ee4191f51b
Size

65KB
MD5

885783ac5d736cbcc5f337e5ed17355f
SHA1

4dc81cdf61cc02083559623d7b4b1cb58e4eb5ca
SHA256

b2a8ad45fd9abc1d5143b2dc0d458dc57091d5125b670a5ea751c6ee4191f51b
SHA512

ac611a14b915b6ecb5d16ed3360d74050934ccf6cc2c963796d460e242044a0bac824441c552edb7f8668da7e5fa6afc5c00d6587daa42eff75b0af47d40c1ab
SSDEEP

768:3GiTkiH27mrvtRU9wGo+UuDQNG3i50AMim9I1Mzc8c8+cMzk0:3VXH20lRUGgUuDQNb1pAc803zz

Score

N/A

Malware Config

Signatures

Files

b2a8ad45fd9abc1d5143b2dc0d458dc57091d5125b670a5ea751c6ee4191f51b
.exe windows x86

68fce2662a64a6152b3433b37ff64719

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
LoadResource
FreeLibrary
GetLogicalDrives
lstrcmpiW
OpenEventW
GetDateFormatW
SystemTimeToFileTime
GetSystemDirectoryW
GetWindowsDirectoryW
LocalFree
CreateDirectoryW
GetTempPathW
LocalAlloc
RemoveDirectoryW
lstrlenA
lstrlenW
lstrcpynW
SetUnhandledExceptionFilter
IsDebuggerPresent
lstrcpyW
WaitForSingleObject
CreateEventW
MoveFileW
ExpandEnvironmentStringsA
GetModuleHandleW
GetCurrentThreadId
GetModuleHandleA
GetProcAddress

user32

PeekMessageW
GetForegroundWindow
MoveWindow
IsWindow
GetTopWindow
RegisterWindowMessageW
GetSysColor
GetSubMenu
RemoveMenu
GetSysColorBrush
CreatePopupMenu
CreateMenu
GetMenuItemID
GetMenuState
GetMenuItemCount
AppendMenuW
GetSystemMetrics
LoadBitmapW
GetDesktopWindow
CopyRect
GetMenuItemInfoW
SendMessageW
LoadImageW
CheckMenuItem
DestroyIcon
EnableMenuItem
EnableWindow
CopyIcon
PostMessageW
OffsetRect
SetWindowPos

gdi32

CreateCompatibleDC
CreateFontIndirectW
CreatePen
CreateDIBSection
CreateHatchBrush
CreatePatternBrush
DeleteObject
CreateSolidBrush

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
ShellExecuteW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

comctl32

ImageList_GetIconSize

shlwapi

PathIsDirectoryW

resutils

ResUtilVerifyService
ResUtilStartResourceService
ResUtilTerminateServiceProcessFromResDll
ResUtilVerifyResourceService
ResUtilFreeEnvironment
ResUtilGetAllProperties
ResUtilSetExpandSzValue
ResUtilGetProperties

wiashext

AddDeviceWasChosenW
DllRegisterServer
AddDeviceWasChosen
DllCanUnloadNow
MakeFullPidlForDevice
DllGetClassObject
DllUnregisterServer

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ACdWOr
Size: 4KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ia
Size: 3KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oKl
Size: 5KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Epe
Size: 6KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.szxy
Size: 3KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hUK
Size: 4KB - Virtual size: 861KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uEz
Size: 1KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IkUHX
Size: 6KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QRZOX
Size: 3KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68fce2662a64a6152b3433b37ff64719

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

shlwapi

resutils

wiashext

Sections

.text Size: 15KB - Virtual size: 14KB

.ACdWOr Size: 4KB - Virtual size: 241KB

.rdata Size: 3KB - Virtual size: 42KB

.ia Size: 3KB - Virtual size: 376KB

.oKl Size: 5KB - Virtual size: 175KB

.Epe Size: 6KB - Virtual size: 65KB

.szxy Size: 3KB - Virtual size: 171KB

.hUK Size: 4KB - Virtual size: 861KB

.uEz Size: 1KB - Virtual size: 36KB

.data Size: 6KB - Virtual size: 58KB

.IkUHX Size: 6KB - Virtual size: 54KB

.QRZOX Size: 3KB - Virtual size: 403KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 14KB

.ACdWOr
Size: 4KB - Virtual size: 241KB

.rdata
Size: 3KB - Virtual size: 42KB

.ia
Size: 3KB - Virtual size: 376KB

.oKl
Size: 5KB - Virtual size: 175KB

.Epe
Size: 6KB - Virtual size: 65KB

.szxy
Size: 3KB - Virtual size: 171KB

.hUK
Size: 4KB - Virtual size: 861KB

.uEz
Size: 1KB - Virtual size: 36KB

.data
Size: 6KB - Virtual size: 58KB

.IkUHX
Size: 6KB - Virtual size: 54KB

.QRZOX
Size: 3KB - Virtual size: 403KB

.rsrc
Size: 2KB - Virtual size: 1KB