9a845bc6a83b4a3cf9bd5cf518886dcad231e703f1a1726200ff3639efc4d96f

Sharing

Copy URL

Twitter E-mail

General

Target

9a845bc6a83b4a3cf9bd5cf518886dcad231e703f1a1726200ff3639efc4d96f
Size

143KB
MD5

22017b4dec570ed0ea730b42ec9f8cb8
SHA1

2cf2b91003d635fd2a8ae2043577d13569f03e7a
SHA256

9a845bc6a83b4a3cf9bd5cf518886dcad231e703f1a1726200ff3639efc4d96f
SHA512

1e88134b03111acd7746d14a7ae471fc8a8edea4149be868f81b3a6f55c63f9a0b1eb80f074f52368dcf46afe72e46ec2c734ae801c81ca25b8b436ac40406e9
SSDEEP

1536:0y+3HBAcxVp8ViTHmVTxhHNfmB1Dhn6gUBFp0bQbBgBaprxIN8YhNFE/1CO23o3/:0ymBAW5mVSnKp0kbqBaFxIq0Gi3w/

Score

N/A

Malware Config

Signatures

Files

9a845bc6a83b4a3cf9bd5cf518886dcad231e703f1a1726200ff3639efc4d96f
.exe windows x86

db47fd98fa086475ed13b40c63dd0890

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FreeEnvironmentStringsA
GetModuleHandleA
GlobalUnlock
IsBadCodePtr
RemoveDirectoryA
VirtualProtect
GetModuleFileNameW
GetStartupInfoA

msvcrt

_acmdln
log
_except_handler3
_XcptFilter
iswspace
__setusermatherr
__p__commode
__set_app_type
__getmainargs
localeconv
_adjust_fdiv
exit
fsetpos
_initterm
__p__fmode

user32

IsWindowVisible
GetKeyboardType
IntersectRect
SetCursor
IsDialogMessageA
ScreenToClient
GetCursorPos
SetTimer
GetMenuState
RegisterClipboardFormatA
ShowOwnedPopups

advapi32

RegFlushKey
IsValidSid
RegEnumValueA
SetSecurityDescriptorOwner
LookupPrivilegeValueA
OpenServiceA
DeregisterEventSource
CryptHashData
QueryServiceStatus
CryptCreateHash

comctl32

ImageList_BeginDrag
CreatePropertySheetPageA
ImageList_AddMasked
ImageList_Draw
ImageList_SetBkColor
CreateToolbarEx
ImageList_SetOverlayImage

oleaut32

VariantCopy
VariantInit
SysStringLen
SetErrorInfo
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SysFreeString
GetErrorInfo
SafeArrayUnaccessData
SysReAllocStringLen

shell32

SHFileOperationA
ExtractIconExA
CommandLineToArgvW
SHGetFolderLocation
SHAddToRecentDocs
DragAcceptFiles
SHGetFolderPathW
SHGetPathFromIDList
DragQueryFile

version

GetFileVersionInfoA
VerQueryValueW
VerLanguageNameA
VerQueryValueA

ole32

CoDisconnectObject
CoTaskMemRealloc
IsEqualGUID
OleGetClipboard
OleIsCurrentClipboard
IIDFromString
OleSetClipboard
StringFromIID
CoGetClassObject
CLSIDFromString
StgOpenStorageOnILockBytes

gdi32

CreateRectRgnIndirect
CreateFontIndirectA
GetEnhMetaFileBits
SetTextCharacterExtra

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

db47fd98fa086475ed13b40c63dd0890

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

comctl32

oleaut32

shell32

version

ole32

gdi32

Sections

.text Size: 64KB - Virtual size: 64KB

.data Size: 48KB - Virtual size: 47KB

.rsrc Size: 29KB - Virtual size: 32KB

.text
Size: 64KB - Virtual size: 64KB

.data
Size: 48KB - Virtual size: 47KB

.rsrc
Size: 29KB - Virtual size: 32KB