f79365d440c7da109b96df57cb104311c964aebe43c46b42fab92b97ae2ee6e9

Sharing

Copy URL

Twitter E-mail

General

Target

f79365d440c7da109b96df57cb104311c964aebe43c46b42fab92b97ae2ee6e9
Size

877KB
MD5

7aee360c358a24eeed4ac74368f8ce55
SHA1

41bee18d0c4d8b6a42bc20c5ac368dca2a70b561
SHA256

f79365d440c7da109b96df57cb104311c964aebe43c46b42fab92b97ae2ee6e9
SHA512

3fbbdbca93ab254641b8592cc41dd99469cf9e9ec0e413f766cd84a9e14d8c61e3bee2c8d460f23ad71f7ff6613fce17c2bbd482ceb2b9ed84fbd597255bb3f0
SSDEEP

6144:oME+pK7MA1fzS23dOJTO4V6QXm0hdL4MERdqDr64:oZ+IMA1fzS23dSTx/cREDr64

Score

N/A

Malware Config

Signatures

Files

f79365d440c7da109b96df57cb104311c964aebe43c46b42fab92b97ae2ee6e9
.exe windows x86

c346d3d99895944f46ca39a359d54ad2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
LoadModule
GetDriveTypeW
GetLongPathNameW
OpenProcess
ReadProcessMemory
FlushViewOfFile
WriteProcessMemory
GetModuleHandleA
LockFileEx
GetProfileStringW
GetProcessVersion
Process32Next
GetACP
CreateEventW
GetTempPathW
CreateToolhelp32Snapshot
GetWindowsDirectoryW
CloseHandle
GetThreadPriority
GetExitCodeProcess
ExitProcess
GetFileAttributesExW
GetQueuedCompletionStatus
DeleteFileA
GetProcAddress
FlushFileBuffers
GetProcAddress
GetFileAttributesExW
GetModuleFileNameA
GlobalAddAtomW
GetCurrentProcess
LoadLibraryA
CreateThread
ExitProcess
GetCommandLineA
GetVersion
Process32First
FileTimeToSystemTime
PostQueuedCompletionStatus
PeekConsoleInputA
GetProfileIntW
GetDateFormatA

user32

GetLastInputInfo
CharLowerW
GetKeyboardType
GetDlgItem
GetSubMenu
CreateDialogIndirectParamA
DdeNameService
CheckRadioButton
DispatchMessageA
DdeFreeDataHandle
ShowWindow
CharPrevA
TranslateMessage
GetMessageA
GetActiveWindow
CreateIconFromResourceEx
CreateDialogParamW
FindWindowExW
CharToOemW
DispatchMessageA
DrawMenuBar
DrawStateW
UpdateWindow
CreateWindowExA
DragDetect
DestroyIcon
DefWindowProcA
DdeCreateDataHandle
GetMenuItemID
ChangeDisplaySettingsA
DialogBoxIndirectParamA
RegisterClassExA
GetDoubleClickTime
DdeGetLastError
GetUpdateRgn
DestroyMenu
CharToOemW
GetMenuBarInfo
GetClipboardOwner
GetMessageA
CharLowerW

advapi32

AllocateLocallyUniqueId
GetEffectiveRightsFromAclW
CryptDeriveKey
RegOpenKeyExW
RegUnLoadKeyA
RegEnumValueA
RegNotifyChangeKeyValue
SetKernelObjectSecurity
CryptSignHashA
SetSecurityDescriptorDacl
AddAce
RevertToSelf
GetUserNameW
GetNamedSecurityInfoW
GetSecurityDescriptorGroup
CryptHashSessionKey
StartServiceCtrlDispatcherA

shell32

SheGetDirA
StrCmpNA
DllGetClassObject
ExtractAssociatedIconA
ShellExecuteW
SHGetFolderPathW
ExtractAssociatedIconExW
SHChangeNotifySuspendResume
DragQueryFileW
DllGetVersion
SHAddToRecentDocs
SHGetFileInfo

gdi32

GetEnhMetaFilePaletteEntries
CreateSolidBrush
CreateFontIndirectA
RestoreDC
GetTextCharacterExtra
SetTextAlign
CreateDIBSection
GetNearestColor
GetRgnBox
GetBitmapDimensionEx
SetBitmapBits
Polygon
ExtCreateRegion
CreateRoundRectRgn
SetAbortProc
GetCharWidthW
GetSystemPaletteUse
InvertRgn
CreateRectRgn

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 532KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size:

Sharing

General

Malware Config

Signatures

Files

c346d3d99895944f46ca39a359d54ad2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

gdi32

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 532KB - Virtual size: 532KB

.idata Size: 88KB - Virtual size: 88KB

.rdata Size: 4KB - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 4KB

.adata Size: - Virtual size: 4KB

.adata Size: - Virtual size: 4KB

Size: - Virtual size:

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 532KB - Virtual size: 532KB

.idata
Size: 88KB - Virtual size: 88KB

.rdata
Size: 4KB - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 4KB

.adata
Size: - Virtual size: 4KB

.adata
Size: - Virtual size: 4KB