db6f948e3b358fd70ab8e59bd4dd8faba9dc79d2993a274d5d81121dfb9cce16

Sharing

Copy URL Twitter E-mail

General

Target

db6f948e3b358fd70ab8e59bd4dd8faba9dc79d2993a274d5d81121dfb9cce16
Size

25KB
MD5

da699c5fd77f7b31ea793270868d8739
SHA1

b03a399a4a965d2333f16ef20893ef34a7a17488
SHA256

db6f948e3b358fd70ab8e59bd4dd8faba9dc79d2993a274d5d81121dfb9cce16
SHA512

84694e2407bd99cd907879af74b8a9848d29e960ef410f364001c40e8983a67e59f3c4be583a0fb9d00d974cbbaf0593b1696aca62289008e4754d2ba6e80d2b
SSDEEP

384:oN4ebELU7NxfexrJnVk1X1mQ3mi244WxY90Hl9A30bPII:m45LUxxfyrfk1XgE4440Ysl9cI

Score

N/A

Malware Config

Signatures

Files

db6f948e3b358fd70ab8e59bd4dd8faba9dc79d2993a274d5d81121dfb9cce16
.exe windows x86

711f24982a85b66ae53beed6f08cc1ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetModuleHandleA
VirtualFree
LeaveCriticalSection
VirtualAlloc
lstrcmpiW
ExitProcess
SetLastError
GetCommandLineA
InterlockedIncrement
LocalAlloc
HeapAlloc
lstrlenA
QueryPerformanceCounter
CloseHandle
CreateFileW
GetCurrentProcess
LoadLibraryW
HeapFree
MultiByteToWideChar
GetProcessHeap
UnhandledExceptionFilter
ReadFile
InterlockedCompareExchange
LocalFree
InterlockedDecrement
lstrlenW
DeleteCriticalSection
LoadLibraryA

user32

LoadIconW
ShowWindow
SetWindowPos
LoadStringW
TranslateMessage
SendMessageW
SetTimer
wsprintfA
SetWindowLongW
SendDlgItemMessageW
MessageBoxW
SetDlgItemTextW
LoadCursorW
GetParent
SetCursor
PostQuitMessage
GetDlgItem
wsprintfW
PostMessageW
ReleaseDC
SetWindowTextW
SetForegroundWindow
SetFocus
PeekMessageW

gdi32

SelectPalette
GdiSetLastError
GetTextExtentPointW
GetDeviceCaps
SetTextColor
SetMapMode
DeleteDC
CreateCompatibleBitmap
SelectObject
GetDIBits
LineTo
ExtTextOutW
CreateFontIndirectA
CreateRectRgn
CreateDIBSection
CreatePen
MoveToEx
SetWindowOrgEx
GetObjectA
Rectangle
TranslateCharsetInfo
CreateSolidBrush
GetTextExtentPoint32W
SetViewportOrgEx
SaveDC

version

GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoW

msvcrt

__p__commode
exit
_onexit
wcscmp
memmove
_adjust_fdiv
wcsrchr

ole32

StringFromGUID2
CoInitializeEx
CoCreateInstance
CoTaskMemRealloc
CLSIDFromString

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExA
RegQueryValueExW
GetTokenInformation
SetSecurityDescriptorDacl
RegEnumValueW
RegDeleteValueW
RegOpenKeyExW

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

711f24982a85b66ae53beed6f08cc1ca

Headers

File Characteristics

Imports

kernel32

user32

gdi32

version

msvcrt

ole32

advapi32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 7KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 27KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 7KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 27KB