df9c69557b45c1c78e992a5ec739f0004a271ae0899285fcdd6b2dfc5d8a2ca0

Sharing

Copy URL

Twitter E-mail

General

Target

df9c69557b45c1c78e992a5ec739f0004a271ae0899285fcdd6b2dfc5d8a2ca0
Size

154KB
MD5

02a096d215b4f25d5269a27893bf96e0
SHA1

9556c985a4af67086ca9f315d66669bbee7ea74f
SHA256

df9c69557b45c1c78e992a5ec739f0004a271ae0899285fcdd6b2dfc5d8a2ca0
SHA512

438f8e310ec6688e435e357059a0cd7470cb17359d442534b537e9da277ac8108f72f1ed7aa73c287971ea773ba715b2a5985f971465f583a23890d75c8d31da
SSDEEP

3072:FsS/Ez5JIYuN8VwRjbGHTarFNFgREtOBnsk2PLczjjfDCgt:FsIEzC8wbHanBnsk2P8jj+gt

Score

N/A

Malware Config

Signatures

Files

df9c69557b45c1c78e992a5ec739f0004a271ae0899285fcdd6b2dfc5d8a2ca0
.exe windows x86

12c84c2778386417385d63e89fc905d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
GlobalFindAtomA
ExitThread
lstrcpyA
DeleteCriticalSection
CreateEventA
GetModuleHandleA
GetFileAttributesA
LoadLibraryExA
EnumCalendarInfoA
FormatMessageA
WideCharToMultiByte
MulDiv
CompareStringA
FindResourceA
FreeResource
GetLocalTime
SetFilePointer
SetEvent
VirtualAllocEx
LoadResource
GetDateFormatA
GetLastError
GetACP
GetStdHandle
GetFullPathNameA
HeapFree
GetCommandLineA
GetDiskFreeSpaceA
LocalReAlloc
GetModuleFileNameA
LockResource
EnterCriticalSection
GetStartupInfoA
lstrcmpA
lstrcmpiA
LoadLibraryA
GetVersion
GetProcAddress
SetErrorMode
FreeLibrary
CloseHandle
GetCPInfo
GetThreadLocale
VirtualFree

version

GetFileVersionInfoA
VerFindFileA
VerInstallFileA

msvcrt

tan
memmove
strcmp

comctl32

ImageList_Add
ImageList_Read
ImageList_Create
ImageList_Write
ImageList_DragShowNolock
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_Destroy

advapi32

RegQueryValueA

oleaut32

RegisterTypeLib
SafeArrayCreate
OleLoadPicture
VariantChangeType
SysAllocStringLen
SysStringLen
SafeArrayUnaccessData
SysFreeString
GetErrorInfo
VariantCopyInd

user32

EqualRect
GetClassNameA
IsChild
SetClassLongA
DispatchMessageW
DefMDIChildProcA
SetWindowLongA
SetWindowPos
GetCursor
DestroyIcon
GetCapture
DrawEdge
GetKeyboardType
SetScrollInfo
MsgWaitForMultipleObjects
PtInRect
PeekMessageA
GetWindowRect
GetActiveWindow
CloseClipboard
GetClientRect
TranslateMDISysAccel
MessageBeep
GetClassLongA
GetSubMenu
UpdateWindow
OemToCharA
DrawIconEx
FrameRect
DestroyCursor
SetClipboardData
DrawIcon
CharUpperBuffA

shlwapi

SHDeleteKeyA
SHGetValueA
PathGetCharTypeA
PathIsDirectoryA
SHEnumValueA
SHQueryValueExA
PathIsContentTypeA
SHDeleteValueA

shell32

SHFileOperationA
DragQueryFileA
Shell_NotifyIconA
SHGetDesktopFolder
SHGetSpecialFolderLocation

Sections

CODE
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12c84c2778386417385d63e89fc905d5

Headers

File Characteristics

Imports

kernel32

version

msvcrt

comctl32

advapi32

oleaut32

user32

shlwapi

shell32

Sections

CODE Size: 29KB - Virtual size: 29KB

.edata Size: 512B - Virtual size: 120KB

BSS Size: 123KB - Virtual size: 123KB

CODE
Size: 29KB - Virtual size: 29KB

.edata
Size: 512B - Virtual size: 120KB

BSS
Size: 123KB - Virtual size: 123KB