ad805f2c79e6c054f058a84e780a48a77c052a2dfbe4e32c3c1a7a5dd1f37ffd

General

Target

ad805f2c79e6c054f058a84e780a48a77c052a2dfbe4e32c3c1a7a5dd1f37ffd
Size

219KB
MD5

cfa5ba0316358dd59fe0f23cdfecd858
SHA1

ce81ab46ea7bf86a3b3fc13a0efc2dc7e86bba55
SHA256

ad805f2c79e6c054f058a84e780a48a77c052a2dfbe4e32c3c1a7a5dd1f37ffd
SHA512

8fb217d3f5a084969b6051bcc17a71d53f0b73a682b53a6e912b7fcb342902555e0c8496d2fa43ada37907a75c560acd5f9a81b99a0015bf7b5205cf7afecca0
SSDEEP

6144:L2c9u/mDSINrrHdBDhaBNEbzLp3fj2WKxVv:L2L/mDzZZvGWzLpDKxV

Score

N/A

Malware Config

Signatures

Files

ad805f2c79e6c054f058a84e780a48a77c052a2dfbe4e32c3c1a7a5dd1f37ffd
.exe windows x86

8e1029ddff721c83f06f39c6e9822303

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateItemMoniker
OleCreateLinkFromData
CoCreateFreeThreadedMarshaler
CoReleaseMarshalData

user32

SendMessageW
DdeConnectList
VkKeyScanW
SetMenu
UpdateWindow
GetQueueStatus
UnregisterClassA
BeginPaint
TranslateAcceleratorA
EnableWindow
GetWindowRect
IsDialogMessageA
CharNextW
GetClassInfoW
DdeCreateStringHandleW
RegisterClipboardFormatA
GetClassNameW
GetDlgItem
GetScrollPos
GetClipboardData
ReplyMessage
CharPrevW
ScreenToClient
SetForegroundWindow
GetMenuStringW
ShowCaret
LoadImageA
GetClassLongW
CheckMenuItem
SetClassLongW
FrameRect

advapi32

GetSecurityDescriptorControl
RegQueryInfoKeyA
BuildExplicitAccessWithNameW
RegisterEventSourceW
OpenServiceW
SetServiceStatus
SetSecurityDescriptorDacl

kernel32

GetSystemInfo
SearchPathW
DosDateTimeToFileTime
GetCurrentThread
GetCommandLineA
VirtualAlloc
GetShortPathNameA
GetExitCodeThread
FreeEnvironmentStringsW
TransactNamedPipe
GetCurrentProcess
GetPrivateProfileIntW
CreateFileW
WritePrivateProfileSectionA
WriteFile
_lopen
lstrlenA
GetSystemTimeAsFileTime
MoveFileExW
FlushInstructionCache
lstrcatW
TlsSetValue
Process32NextW
QueryDosDeviceA
GetSystemDefaultLangID
GetEnvironmentStringsW
VirtualProtect
Sleep
ExitProcess
GetTempPathA

msvcrt

exit
_wcslwr
ctime
_setmbcp
_fpreset
_CxxThrowException
atoi
_snwprintf
_wsplitpath
iswdigit
bsearch
strncpy
wcstod

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8e1029ddff721c83f06f39c6e9822303

Headers

File Characteristics

Imports

ole32

user32

advapi32

kernel32

msvcrt

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 202KB - Virtual size: 201KB

.data Size: 11KB - Virtual size: 11KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 202KB - Virtual size: 201KB

.data
Size: 11KB - Virtual size: 11KB