c5b36b5b42ca253c8d1eee7b33eaa0e99f0669715c42a894b0fe79ce096bc3c1

General

Target

c5b36b5b42ca253c8d1eee7b33eaa0e99f0669715c42a894b0fe79ce096bc3c1
Size

76KB
MD5

370c176131dbbba61948a8cb373325c5
SHA1

de4efe6edf516a734aa8657e684311e0f86cf24d
SHA256

c5b36b5b42ca253c8d1eee7b33eaa0e99f0669715c42a894b0fe79ce096bc3c1
SHA512

7dd7e60e60b6b5ecef45a79ae80c061f328ff00079e81ba79a10679b80fb79896a84cda9e57b23013e72980c8333131cfbca00fd51dfba8c3db228c05ad07afe
SSDEEP

1536:gcH1gwL+VTjiH7/4G0dPzscw6ZPLFWaFdRFIQej99sa2X:rVIVviH/azsj6ZfDnej9

Score

N/A

Malware Config

Signatures

Files

c5b36b5b42ca253c8d1eee7b33eaa0e99f0669715c42a894b0fe79ce096bc3c1
.exe windows x86

f66fa1401ba903b536d1e6e7d980ec0f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileExW
IsBadReadPtr
VirtualFree
GetModuleHandleA
GetPrivateProfileIntA
LoadLibraryA
WritePrivateProfileSectionW
VirtualAlloc
GetCurrentDirectoryW
SetEvent
GetLocaleInfoW
GetTempFileNameW
VirtualProtect
GetModuleHandleW

msvcrt

is_wctype
strncmp
memcpy
??0bad_typeid@@QAE@PBD@Z
strpbrk
getenv
cosh
__fpecode
_putch
_getmaxstdio
getwc

comdlg32

dwLBSubclass
LoadAlterBitmap
WantArrows
PrintDlgW
FindTextA
PrintDlgExA
ChooseFontW
PrintDlgExA
GetOpenFileNameW
Ssync_ANSI_UNICODE_Struct_For_WOW
CommDlgExtendedError
FindTextW

winmm

WOWAppExit
mciGetErrorStringA
midiOutMessage
waveOutPause
mid32Message
mmioGetInfo
WOW32DriverCallback
mmioSeek
NotifyCallbackData
auxGetDevCapsW
midiInClose
mmioFlush
timeGetTime

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f66fa1401ba903b536d1e6e7d980ec0f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

comdlg32

winmm

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 17KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 512B - Virtual size: 60B

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 512B - Virtual size: 60B