d421955f4d6ea256411ad2710611df1e2c4d62354401b17cec408edf2e2ab250

Sharing

Copy URL Twitter E-mail

General

Target

d421955f4d6ea256411ad2710611df1e2c4d62354401b17cec408edf2e2ab250
Size

97KB
MD5

4e75642ab9583a833c752109d6fff960
SHA1

e0b8658f6396bc55c03dbdbc2be8890dbb7c9fd3
SHA256

d421955f4d6ea256411ad2710611df1e2c4d62354401b17cec408edf2e2ab250
SHA512

7f0e6f49038be1811bf7e38145552101f50e0c7b99d9dc6156b0be40e94e204b752319f15dd3a30135fc72e85d53833c3d5e4e40090c34f642118995cd3fc35c
SSDEEP

1536:26S5MDdVWG/KJX9kGtFoQJIrkZqISmaMXbTipPgMeiV5kd:VHGvDxIrk0bUsPgMzE

Score

N/A

Malware Config

Signatures

Files

d421955f4d6ea256411ad2710611df1e2c4d62354401b17cec408edf2e2ab250
.exe windows x86

e5c69a458a0a30e7fdb8b5440daa64b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToDosDateTime
lstrcmpiW
GetEnvironmentStringsW
WaitForMultipleObjects
IsDBCSLeadByte
GetCommandLineA
lstrlenW
GetSystemDefaultLCID
lstrcatA
FileTimeToLocalFileTime
WideCharToMultiByte
OpenProcess
GetNumberFormatA
GetCPInfo
GetWindowsDirectoryA
GetSystemTime
GetLastError
ExpandEnvironmentStringsA
VirtualProtectEx

msvcrt

_except_handler3
__set_app_type
strstr
_exit
__getmainargs
_iob
__setusermatherr
strncpy
__p___initenv
getenv
_controlfp
sprintf
sqrt
free
strlen
abort
_initterm
fputs
calloc
__p__fmode
_XcptFilter
exit
memmove
_adjust_fdiv
__p__commode

comdlg32

GetOpenFileNameA

user32

GetMenuItemID
GetMessagePos
IsDialogMessageA
ReleaseCapture
ClientToScreen
AdjustWindowRectEx
PtInRect
CallNextHookEx
EndPaint
SetDlgItemTextA
DrawFrameControl
WindowFromPoint

ole32

OleDraw
DoDragDrop
OleIsCurrentClipboard
CoRevokeClassObject
CLSIDFromString
StringFromIID
RegisterDragDrop
ReleaseStgMedium
CoFreeUnusedLibraries
CoInitialize
CoInitializeEx
OleUninitialize
CoDisconnectObject
OleGetClipboard
StgOpenStorage

gdi32

Pie
CopyMetaFileW
StrokeAndFillPath
CreateICW
CreateDIBitmap
SetArcDirection
Polyline
InvertRgn
GetRegionData
DPtoLP
GetDIBits

advapi32

RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
RegOpenKeyA
OpenSCManagerA
InitializeSecurityDescriptor
CryptGenRandom
RegEnumKeyExW
RegCreateKeyA
CryptAcquireContextA
RegDeleteValueW
AddAccessAllowedAce
RegEnumKeyW
CryptDestroyHash

comctl32

ImageList_DragEnter
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_GetImageInfo
ImageList_EndDrag
ImageList_Destroy
ImageList_Replace
DestroyPropertySheetPage
ImageList_SetImageCount
ImageList_GetIcon
ImageList_GetBkColor

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5c69a458a0a30e7fdb8b5440daa64b0

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

ole32

gdi32

advapi32

comctl32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 47KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 47KB

.rsrc
Size: 19KB - Virtual size: 18KB