a811b57767298dabc7bfc18f305d4304c0835c3226f07808f634a115241ae484

Sharing

Copy URL Twitter E-mail

General

Target

a811b57767298dabc7bfc18f305d4304c0835c3226f07808f634a115241ae484
Size

26KB
MD5

84a0d3fff8e32b24471558a5685a4006
SHA1

07b8d7ca37a74a95ae8e4c35277f145e67e3b60c
SHA256

a811b57767298dabc7bfc18f305d4304c0835c3226f07808f634a115241ae484
SHA512

d5444dbb814de1718770e531c4a0fd9f4a90b5af2ff2df89b86578c0c023e2c7787fc051d634e9a0576a9aa21a94261a0ac2902d432d7ad3d3f07cfae41c6303
SSDEEP

384:uL4ILw3hWgcijFWWDTJRJph4aBTb3ODelNbhLow2aCFtCtVgSU9aDkKaDkk99Dwa:ENQYgceMSgW7LL2aC3/7awKawE9wg

Score

N/A

Malware Config

Signatures

Files

a811b57767298dabc7bfc18f305d4304c0835c3226f07808f634a115241ae484
.exe windows x86

781011031cc2d50601c92cbbde13cfb6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHIsLowMemoryMachine
ord16
SHRegCloseUSKey
PathQuoteSpacesW
PathFindFileNameW
SHSetThreadRef
StrChrIW
StrCpyNW
PathRemoveFileSpecW
PathAppendW

imm32

ImmGetConversionListA
ImmGetIMCCLockCount

gdi32

SetTextColor
SetBkMode
SelectPalette
SelectObject
Polyline
GetObjectW
GetDeviceCaps
GetCurrentPositionEx
DeleteObject
CreatePen

kernel32

LoadLibraryW
LocalFree
QueryPerformanceCounter
SetEvent
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
UnmapViewOfFile
lstrcpynW
GetModuleHandleW
CloseHandle
CreateFileMappingW
CreateFileW
CreateProcessW
CreateThread
DeleteCriticalSection
EnterCriticalSection
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
LoadLibraryExA
GetProcAddress
GetStartupInfoA
GetTempFileNameW
GetTickCount
GetWindowsDirectoryW
GlobalFree
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection

shell32

RealShellExecuteExW
DuplicateIcon
DragAcceptFiles
CommandLineToArgvW
SHUpdateRecycleBinIcon

user32

PeekMessageA
CountClipboardFormats

dbghelp

DbgHelpCreateUserDump
MiniDumpReadDumpStream
MiniDumpWriteDump
SymEnumerateModules64
SymGetLineFromAddr64
SymGetOptions
vc7fpo

Sections

.text
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

781011031cc2d50601c92cbbde13cfb6

Headers

File Characteristics

Imports

shlwapi

imm32

gdi32

kernel32

shell32

user32

dbghelp

Sections

.text Size: 15KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 3KB