f776bf009d205b8293ca37e3528e5e6a35e10ba85900faf6bda4e0ab41fc820e

Sharing

Copy URL Twitter E-mail

General

Target

f776bf009d205b8293ca37e3528e5e6a35e10ba85900faf6bda4e0ab41fc820e
Size

1.9MB
MD5

1957df8f70086a511a2d196f91c3664e
SHA1

52c4e02c0225a11b5ba5474bb36b178a134950c5
SHA256

f776bf009d205b8293ca37e3528e5e6a35e10ba85900faf6bda4e0ab41fc820e
SHA512

aff6eaad96347ea4cc0f0294e241df7e58f07a900aff72ed266e6f3527191850d9ce64a41335e334156123476e7fbd507cb898911eda45e58f512dbb83598614
SSDEEP

49152:ym8TlQ0Y53cistXM08CvslUif0jfsre3/z3g+:ApQR5JsSC4G73g+

Score

N/A

Malware Config

Signatures

Files

f776bf009d205b8293ca37e3528e5e6a35e10ba85900faf6bda4e0ab41fc820e
.exe windows x86

d40f5f23b4cc31b17fbe89df30823e39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsSetValue
HeapCreate
GetCurrentProcess
ExitProcess
FileTimeToLocalFileTime
CreateProcessA
GetTempPathA
IsBadWritePtr
RtlUnwind
TlsGetValue
lstrcmpiW
GetConsoleMode
VirtualFree
GetWindowsDirectoryW
LoadLibraryExA
CreateDirectoryA
SetThreadPriority
VirtualAllocEx
FormatMessageA
ResetEvent
FindNextFileW
WideCharToMultiByte
GetSystemDirectoryW
GetLocalTime
CloseHandle
CompareStringA
OutputDebugStringA
TlsAlloc
CreateFileMappingA
LocalFree

user32

GetCapture
CharNextW
UnhookWindowsHookEx
CharNextA
PtInRect
GetFocus
CallNextHookEx
RegisterClassExA
GetClassNameW
GetWindowTextW
MapWindowPoints
GetClientRect
SendDlgItemMessageW
GetSystemMetrics
SetRect
FindWindowA
CopyRect
FillRect
CreatePopupMenu
CharLowerW
LoadImageW
DrawTextW

version

GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoSizeA

ole32

CoGetClassObject
StringFromIID
StgCreateDocfile
CoGetObjectContext
CoReleaseMarshalData
OleRegGetUserType
PropVariantClear
CoRevertToSelf
CoCreateFreeThreadedMarshaler
CoInitialize
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
GetRunningObjectTable
WriteClassStm
CoCreateGuid
OleRegGetMiscStatus
OleInitialize
CoInitializeEx
CoDisconnectObject
CoGetInterfaceAndReleaseStream
CoGetApartmentID
StringFromGUID2
CoRevokeClassObject
CoCreateInstanceEx
CoImpersonateClient

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 203KB - Virtual size: 710KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_CODE
Size: 459KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1.3MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d40f5f23b4cc31b17fbe89df30823e39

Headers

File Characteristics

Imports

kernel32

user32

version

ole32

Sections

.text Size: 26KB - Virtual size: 25KB

.orpc Size: 203KB - Virtual size: 710KB

RT_CODE Size: 459KB - Virtual size: 1.4MB

DATA Size: 1.3MB - Virtual size: 3.2MB

.tls Size: - Virtual size: 13KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 26KB - Virtual size: 25KB

.orpc
Size: 203KB - Virtual size: 710KB

RT_CODE
Size: 459KB - Virtual size: 1.4MB

DATA
Size: 1.3MB - Virtual size: 3.2MB

.tls
Size: - Virtual size: 13KB

.rsrc
Size: 10KB - Virtual size: 9KB