eaf05d4e4feff224fa23ee5fe68e5da45f3140c5dc6090e48e7d1da71310a7ac

Sharing

Copy URL Twitter E-mail

General

Target

eaf05d4e4feff224fa23ee5fe68e5da45f3140c5dc6090e48e7d1da71310a7ac
Size

139KB
MD5

955a450e908c0d43de782125b1e7d776
SHA1

1ba88989cd1263c5cd4a76fa043cf277f48acc5f
SHA256

eaf05d4e4feff224fa23ee5fe68e5da45f3140c5dc6090e48e7d1da71310a7ac
SHA512

5490d59c3ef5c731c5453fa8f39f70dd37ffcbef23b9fdda3affa2de01d66ea3873304c7694249838ccf16a8ba9c3062387c93145cdf588f3ea3391d5f8365d7
SSDEEP

3072:tByGJEc2Bncpq6OWEFR9GZCGh/XQPnxQPZibFuOEgd5Dhg:b1H2Cp+77nxlo4dH

Score

N/A

Malware Config

Signatures

Files

eaf05d4e4feff224fa23ee5fe68e5da45f3140c5dc6090e48e7d1da71310a7ac
.exe windows x86

4aad909989a976c6b81192aff1ef633e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
FileTimeToDosDateTime
IsValidCodePage
lstrcmpiW
IsBadWritePtr
LocalAlloc
GlobalHandle
CreateProcessW
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetModuleHandleA
InterlockedExchange

msvcrt

_setjmp3
_strcmpi
__getmainargs
__set_app_type
sin
_itoa
_XcptFilter
__setusermatherr
_adjust_fdiv
_except_handler3
exit
_iob
__p__fmode
_wtoi
_initterm
__p__commode
_acmdln
log
calloc

user32

DrawIcon
WindowFromPoint
EnableWindow
GetCursorPos
SetWindowLongA
GetWindowThreadProcessId
IsWindowEnabled
UnhookWindowsHookEx

oleaut32

VariantCopy
SysAllocStringLen
SysFreeString
VariantCopyInd
VariantClear
SafeArrayPtrOfIndex
SafeArrayGetUBound
CreateErrorInfo
SetErrorInfo
SafeArrayPutElement

gdi32

GetWindowExtEx
CloseEnhMetaFile
Chord
ExtCreatePen
Escape
StartPage
CreateFontA
GetWindowOrgEx
GetDIBColorTable

advapi32

GetSecurityDescriptorDacl
OpenSCManagerA
OpenThreadToken
RegOpenKeyW
LookupPrivilegeValueW
RegCreateKeyA
FreeSid

ole32

CoInitializeSecurity
CoGetClassObject
CoTaskMemRealloc
StgOpenStorageOnILockBytes
OleSetClipboard
CLSIDFromString
OleSetMenuDescriptor
CoRegisterMessageFilter
StringFromCLSID

shell32

SHGetSettings
SHGetFileInfoA
SHFileOperationW
SHGetPathFromIDListW
ShellExecuteEx
DragQueryFileW
SHGetFolderLocation
SHGetSpecialFolderPathA

comctl32

ImageList_Add
ImageList_Destroy
PropertySheetA
ImageList_AddMasked
ImageList_SetIconSize
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_GetIconSize
ImageList_SetBkColor
DestroyPropertySheetPage

version

VerQueryValueA
VerFindFileW
GetFileVersionInfoSizeA
VerLanguageNameA
VerInstallFileA
GetFileVersionInfoSizeW

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4aad909989a976c6b81192aff1ef633e

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

gdi32

advapi32

ole32

shell32

comctl32

version

Sections

.text Size: 63KB - Virtual size: 63KB

.data Size: 49KB - Virtual size: 48KB

.rsrc Size: 25KB - Virtual size: 104KB

.text
Size: 63KB - Virtual size: 63KB

.data
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 25KB - Virtual size: 104KB