b47c7df08c274caac67c9ad44c37402ec81794ba1f6aab7c38cbe387140b6100

Sharing

Copy URL Twitter E-mail

General

Target

b47c7df08c274caac67c9ad44c37402ec81794ba1f6aab7c38cbe387140b6100
Size

318KB
MD5

696a840edceeaee1174e3e9a631c073f
SHA1

12ac66cc53eaec22f516d6f901fe42e7d4684efa
SHA256

b47c7df08c274caac67c9ad44c37402ec81794ba1f6aab7c38cbe387140b6100
SHA512

38aa5aa6d88d9f2ec5dca851f43789a582d153d9ce39c34cc2904149d4c876b20b4ea9e780d328cbc77e5f4d166cea429d9dd2b9efa63693cd53de1053092a71
SSDEEP

6144:LD/7XnX4r7YaCUFNgtqQ6K9VKGhXPI7UsyJ8QHuyfOpXlB:L3YAaxgtqJ+Xw7dcufpr

Score

N/A

Malware Config

Signatures

Files

b47c7df08c274caac67c9ad44c37402ec81794ba1f6aab7c38cbe387140b6100
.exe windows x86

c04ff45cc55c743ecec3dedb1f0dfa7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantClear
VariantCopy
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
SafeArrayGetUBound
VariantInit
SafeArrayPtrOfIndex

kernel32

IsWow64Process
GetSystemDirectoryW
InterlockedIncrement
GetWindowsDirectoryW
GetTimeFormatW
DeleteFileA
CreateDirectoryW
GetCommandLineW
GetFileAttributesA
CopyFileW
DeleteFileW
lstrlenA
FormatMessageW
WaitNamedPipeW
GlobalAddAtomW
ExpandEnvironmentStringsW
SetThreadPriority
GlobalAlloc
GetFileTime
HeapAlloc
GetTempPathA
WaitForSingleObject
GlobalFree
GetTempFileNameA
GetPrivateProfileStringW
DebugBreak
LocalReAlloc
WideCharToMultiByte
lstrcmpW
LocalAlloc
WinExec
FindClose
CreateFileA
GetStartupInfoA
SuspendThread
FindNextFileA
HeapFree
GetModuleHandleA
QueryDosDeviceA
FreeLibrary
GlobalFindAtomA
GetDateFormatW
SetLastError
WriteFile
GetCurrentProcess
lstrcmpiW
GetPrivateProfileSectionW
SetLocalTime
VirtualQueryEx
OpenEventA
ReleaseMutex
FindFirstFileA
ReadFile
LocalFree
IsBadCodePtr
GetModuleFileNameW
CreateFileA
FlushFileBuffers
GetVersion
WriteFile
GetTempPathA
GetDateFormatA
ConnectNamedPipe
RaiseException
GetFullPathNameW
GetVolumeInformationW
DeviceIoControl
GetLogicalDriveStringsW
GetProcessHeap
LocalLock
lstrlenW
GetFileAttributesW
CloseHandle
RemoveDirectoryA
InterlockedDecrement
GetProcessVersion
GetModuleFileNameA
GetFileSize
GetThreadLocale
SetFilePointer
GetPrivateProfileIntW
GetThreadPriority
OpenEventW
MultiByteToWideChar
GetFileSize
GetProcAddress
SetCurrentDirectoryW
IsValidLocale
SetEvent
MoveFileA
CreateMutexW

shell32

SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHFileOperationW
SHGetPathFromIDListW
ShellExecuteW
ShellExecuteExA
SHGetSpecialFolderPathW
ExtractIconExA

ole32

CoTaskMemFree
CoQueryProxyBlanket
CoInitialize
CoCreateInstance
CoSetProxyBlanket
CoUninitialize

rpcrt4

UuidToStringA
RpcStringFreeA
UuidCreate

shlwapi

AssocQueryStringW
wnsprintfA
UrlGetPartA
wvnsprintfA
wnsprintfW

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 290KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c04ff45cc55c743ecec3dedb1f0dfa7a

Headers

File Characteristics

Imports

oleaut32

kernel32

shell32

ole32

rpcrt4

shlwapi

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 7KB - Virtual size: 10KB

.rsrc Size: 3KB - Virtual size: 3KB

.rdata Size: 290KB - Virtual size: 307KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 7KB - Virtual size: 10KB

.rsrc
Size: 3KB - Virtual size: 3KB

.rdata
Size: 290KB - Virtual size: 307KB