c409643283e312108196f6c11817ae9444ca2109f6dadc2695299b383bd818d4

Sharing

Copy URL Twitter E-mail

General

Target

c409643283e312108196f6c11817ae9444ca2109f6dadc2695299b383bd818d4
Size

177KB
MD5

a8b97749b88a955e33e7c1eb9fbcfb71
SHA1

719d61d742e449c9052354bf47d2ae8b84d862ab
SHA256

c409643283e312108196f6c11817ae9444ca2109f6dadc2695299b383bd818d4
SHA512

06db842fb4065df9a4994b6d554e1bc2ab12c090cb51fbfa14d3f0d8ef1f62f98e3dbe44d9a6ddaf6782a7cc36565e9edc6554c1abea721397f95dc037146f8d
SSDEEP

3072:doJpzrMgeLVjTg7gLmhTD0WAmJsaNeixUltWqGRn:doJ1oge9g7gLmhTD0WvBmEqG

Score

N/A

Malware Config

Signatures

Files

c409643283e312108196f6c11817ae9444ca2109f6dadc2695299b383bd818d4
.exe windows x86

f5b7135e774786c0def2dba5530844f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
VirtualAllocEx
GetCommandLineA
LoadLibraryExA
GetModuleHandleA
lstrlenA
ExitThread

shell32

SHGetDiskFreeSpaceA
SHGetFileInfoA
DragQueryFileA
SHFileOperationA

ole32

OleRun
CoCreateFreeThreadedMarshaler
CoTaskMemFree
StringFromIID
CreateBindCtx
CreateOleAdviseHolder
CLSIDFromProgID
StgCreateDocfileOnILockBytes

comctl32

ImageList_GetBkColor
ImageList_Create
ImageList_DragShowNolock
ImageList_Write
ImageList_Destroy
ImageList_Add
ImageList_DrawEx
ImageList_Remove
ImageList_Read
ImageList_Draw

user32

EqualRect
CallNextHookEx
EndDeferWindowPos
GetSysColorBrush
GetScrollInfo
CreateIcon
ShowWindow
BeginPaint
GetActiveWindow
EnumChildWindows
IsDialogMessageA
GetMenuState
GetDesktopWindow
GetCursorPos
SetWindowTextA
EndPaint
MessageBoxA
IsWindowVisible
GetMenuItemCount
GetClassInfoA
GetScrollRange
IsChild
DefWindowProcA
GetClassLongA
SetTimer
CreatePopupMenu
GetCursor
FrameRect
EnableMenuItem
CharLowerA
GetKeyState
DefFrameProcA
SetWindowPos
DispatchMessageW
IsWindowEnabled
GetMenuItemInfoA
SystemParametersInfoA
GetDC
GetClientRect
DrawIconEx
DeferWindowPos
EnumThreadWindows
DrawEdge
SetWindowLongA
CreateMenu
HideCaret
TrackPopupMenu
GetScrollPos
CheckMenuItem
CallWindowProcA
DrawIcon
GetMessagePos
GetCapture
DispatchMessageA
GetMenu
CharLowerBuffA
GetKeyNameTextA
GetClipboardData
RegisterClassA
CreateWindowExA
DrawMenuBar
GetMenuStringA
GetDlgItem
FindWindowA
BeginDeferWindowPos
FillRect
GetSysColor
GetParent

comdlg32

GetSaveFileNameA
ChooseColorA
FindTextA
GetOpenFileNameA

shlwapi

PathIsContentTypeA
PathFileExistsA
SHQueryValueExA
SHStrDupA

version

VerQueryValueA
GetFileVersionInfoA

msvcrt

strcmp
wcsncmp
memcpy
pow
memmove

oleaut32

SysStringLen

advapi32

GetUserNameA
RegEnumKeyExA

Sections

CODE
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5b7135e774786c0def2dba5530844f8

Headers

File Characteristics

Imports

kernel32

shell32

ole32

comctl32

user32

comdlg32

shlwapi

version

msvcrt

oleaut32

advapi32

Sections

CODE Size: 51KB - Virtual size: 51KB

.idata Size: 3KB - Virtual size: 3KB

.rdata Size: 118KB - Virtual size: 189KB

.bss Size: 2KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 512B

CODE
Size: 51KB - Virtual size: 51KB

.idata
Size: 3KB - Virtual size: 3KB

.rdata
Size: 118KB - Virtual size: 189KB

.bss
Size: 2KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 512B