b821b448d6a6101489e2519607058e826d755cb783c176345eeb2bc70ca4b128

Sharing

Copy URL Twitter E-mail

General

Target

b821b448d6a6101489e2519607058e826d755cb783c176345eeb2bc70ca4b128
Size

100KB
MD5

203ca488ff8121e7f7cecd95c11df13d
SHA1

ad1f61b78282ac920b9bab09b46502b30db1bcd6
SHA256

b821b448d6a6101489e2519607058e826d755cb783c176345eeb2bc70ca4b128
SHA512

30a72114cde8a4ffd86ed53e2052dc1b58c1019fdc23fbf476e12bcc9207836b34d7e673e654f600dbb33ff517acfb79fdd5c56e97c30ca5d5aed19901aa5046
SSDEEP

1536:6THhBkxzn4iD66XUEb3msMf4KsO4eSnsypF+qqjtax+57bma62fR2v:6DuznxxUs3m3gKX4yGF+XjtakmhWR

Score

N/A

Malware Config

Signatures

Files

b821b448d6a6101489e2519607058e826d755cb783c176345eeb2bc70ca4b128
.exe windows x86

64625ab46ced8aa0a09a58814b602a07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetCurrentThreadId
DeleteCriticalSection
ResetEvent
GetEnvironmentStrings
LoadLibraryExA
GetSystemDefaultLangID
DeleteFileA
InitializeCriticalSection
GetCommandLineA
CloseHandle
SetLastError
FormatMessageA
LoadResource
GetOEMCP
LoadLibraryA
GetProcAddress
lstrlenA
HeapDestroy
MulDiv
ExitThread
GetACP
SetErrorMode
SizeofResource
lstrcpynA
CompareStringA
FindFirstFileA
ExitProcess
VirtualQuery
GlobalAddAtomA
GetCurrentProcess
FindClose
GetFullPathNameA
Sleep
GetUserDefaultLCID
GetStartupInfoA
WaitForSingleObject
GetCurrentThread
SetHandleCount
SetThreadLocale
VirtualAlloc
HeapFree
GetModuleHandleA
VirtualFree
ReadFile
CreateFileA
lstrcpyA
lstrcmpiA
GetStringTypeW
EnterCriticalSection
GlobalFindAtomA
VirtualAllocEx
LockResource
GetTickCount
GetCPInfo
LocalAlloc
CreateThread
GetVersionExA
lstrcatA
LocalReAlloc
GetDiskFreeSpaceA
GetFileType
GlobalDeleteAtom
GetLastError
GetStdHandle
GetDateFormatA
RaiseException
LocalFree
GetLocalTime

advapi32

RegCreateKeyA

msvcrt

memmove
tan
rand
strncmp
memcmp

shlwapi

SHSetValueA
SHDeleteKeyA
SHStrDupA
SHEnumValueA
PathIsDirectoryA
SHQueryValueExA
PathFileExistsA
PathIsContentTypeA

oleaut32

SafeArrayGetElement
SysReAllocStringLen
SafeArrayCreate
VariantChangeType
SafeArrayGetUBound
SysFreeString
GetErrorInfo
SafeArrayPtrOfIndex

user32

IsWindowVisible
GetMenuItemInfoA
EnableWindow
CreatePopupMenu
SetWindowPos
SystemParametersInfoA
IsWindowEnabled
ShowWindow
GetClassLongA
MessageBoxA
TrackPopupMenu
GetActiveWindow
EnumWindows
DispatchMessageA
GetMessagePos
GetWindow
GetSysColorBrush
CallWindowProcA
GetClientRect
GetPropA
GetForegroundWindow
FrameRect
GetCursor
EnableScrollBar
DefWindowProcA
GetSubMenu
GetSysColor
IsChild
GetScrollRange
GetClipboardData
GetDC
GetFocus
EnableMenuItem
GetCapture
CreateMenu
CallNextHookEx

comctl32

ImageList_Destroy
ImageList_DragShowNolock
ImageList_Draw
ImageList_GetBkColor

shell32

SHGetDesktopFolder
SHGetFolderPathA

ole32

CoReleaseMarshalData
CoGetObjectContext
GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateFreeThreadedMarshaler
WriteClassStm
CoCreateInstanceEx
CLSIDFromProgID
StringFromIID

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64625ab46ced8aa0a09a58814b602a07

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

shlwapi

oleaut32

user32

comctl32

shell32

ole32

Sections

.text Size: 47KB - Virtual size: 46KB

.bss Size: 512B - Virtual size: 412B

.idata Size: 47KB - Virtual size: 46KB

.rdata Size: 1KB - Virtual size: 1KB

.init Size: 2KB - Virtual size: 2KB

.text
Size: 47KB - Virtual size: 46KB

.bss
Size: 512B - Virtual size: 412B

.idata
Size: 47KB - Virtual size: 46KB

.rdata
Size: 1KB - Virtual size: 1KB

.init
Size: 2KB - Virtual size: 2KB