9a5aa836a9ae5c84f4e5a80fbebc17f342b61db78931b24d9b27c8883485b34b

Sharing

Copy URL Twitter E-mail

General

Target

9a5aa836a9ae5c84f4e5a80fbebc17f342b61db78931b24d9b27c8883485b34b
Size

135KB
MD5

177978f9650a23b2460b4951b18ea868
SHA1

90fbe4849356805ed86dd22da4656e68266c4a98
SHA256

9a5aa836a9ae5c84f4e5a80fbebc17f342b61db78931b24d9b27c8883485b34b
SHA512

0de1610ba4b63518a33af61c8ed3db55c3b967f9a642f09957cb551003ef42828399d46556cb52d1a2447da51bb95366060d0062c4c13560baba38497cd3acf3
SSDEEP

3072:gtPAzBygNZk3dHUhHWzaGhcEk6JOhIqOBZgIcQ2ZAamSlDe:gMjNWUh2zZ80lDrcQAAamH

Score

N/A

Malware Config

Signatures

Files

9a5aa836a9ae5c84f4e5a80fbebc17f342b61db78931b24d9b27c8883485b34b
.exe windows x86

48603ad4ba2fca6b52e298aa155c2b39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__setusermatherr
_except_handler3
_CIpow
__p__commode
_XcptFilter
__set_app_type
_filelengthi64
log10
__p__fmode
_controlfp
_open_osfhandle
strncmp
exit
_initterm
_adjust_fdiv
ftell
_acmdln
__getmainargs
setlocale

kernel32

GetModuleHandleA
GetEnvironmentVariableA
InterlockedDecrement
GetStartupInfoA
CreateProcessW
DeleteFileW
CopyFileA
FlushFileBuffers
GetEnvironmentStringsW
VirtualProtect
InterlockedCompareExchange

shell32

ExtractIconW
SHGetFolderLocation
ShellExecuteExA
ExtractIconExW
SHCreateDirectoryExA
SHFileOperationW
SHGetSpecialFolderPathA
ShellExecuteA
SHGetSpecialFolderPathW
SHGetSettings
SHBindToParent

advapi32

RegEnumKeyW
RegQueryValueA
OpenSCManagerA
AddAccessAllowedAce
CryptCreateHash
RegDeleteKeyW
RegDeleteKeyA
RegFlushKey
AdjustTokenPrivileges
RegCreateKeyA
RegOpenKeyExW
RegSetValueExW
RegOpenKeyExA

version

VerInstallFileA
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW
VerFindFileW
VerLanguageNameA
GetFileVersionInfoSizeW

comctl32

ImageList_GetBkColor
ImageList_Add
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_DrawEx
ImageList_Draw
ImageList_AddMasked
ImageList_SetDragCursorImage
ImageList_Read

oleaut32

VariantCopy
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayGetElement
VariantClear
SafeArrayRedim
LoadTypeLib

ole32

ReleaseStgMedium
IsEqualGUID
CoGetMalloc
OleInitialize
RegisterDragDrop
CLSIDFromString

user32

EndPaint
SetCapture
DrawEdge
GetDCEx
LoadCursorA
IsChild
GetIconInfo
CreatePopupMenu
PostMessageA
GetScrollInfo
GetMenuItemCount

gdi32

GetBrushOrgEx
PlayMetaFile
SetColorAdjustment
CreateEllipticRgn
SetWorldTransform
PolyDraw
GetPaletteEntries

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

48603ad4ba2fca6b52e298aa155c2b39

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

advapi32

version

comctl32

oleaut32

ole32

user32

gdi32

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 99KB - Virtual size: 119KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 99KB - Virtual size: 119KB