a3aba5cf68b1ee7aad3a7179159c64346db469f5d14ec2747340c87c4d446164

Sharing

Copy URL Twitter E-mail

General

Target

a3aba5cf68b1ee7aad3a7179159c64346db469f5d14ec2747340c87c4d446164
Size

236KB
MD5

d113dbc104fb1e35c99f6e6608379dac
SHA1

97a3b38825194788d1267505d87608fdb9819da5
SHA256

a3aba5cf68b1ee7aad3a7179159c64346db469f5d14ec2747340c87c4d446164
SHA512

a3454a34a760714a0fa63f6d10d13525d2bbbcbd28d5537bc479664622be90794631a374b83ce8c52384cbbb5a78b4e393701fc06ec1a1c834bc3b69855dfd13
SSDEEP

6144:eT3o8MBaGD8AqsN+eYks1ovn/yUCLNvPCkICv:IyaGQAqsN+7k+ovn/yUeNvPCkICv

Score

N/A

Malware Config

Signatures

Files

a3aba5cf68b1ee7aad3a7179159c64346db469f5d14ec2747340c87c4d446164
.exe windows x86

e1ffd84b9d6d719a94e0c525b7ee1054

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeSetQualityOfService
DdeAbandonTransaction
DestroyCursor
SetClassLongW
LoadKeyboardLayoutW
GetDlgItem
GetUserObjectSecurity
SetMenuItemBitmaps

gdi32

GetDIBColorTable
EnumFontFamiliesExW
GetTextExtentPointW
GetNearestPaletteIndex
CloseFigure
GetPolyFillMode
PolyPolygon
GetDeviceGammaRamp
StartDocW
CreatePenIndirect
SetMapMode
ExtCreateRegion
EnumICMProfilesA
CreateHalftonePalette
ExtEscape
GetCharWidthW
GetLogColorSpaceW
CheckColorsInGamut
GetDIBits
RealizePalette
SelectClipPath
BeginPath
ColorMatchToTarget

comdlg32

GetSaveFileNameW
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
ChooseFontA
ChooseColorW
ReplaceTextA
GetFileTitleW
PrintDlgA
PageSetupDlgW
PageSetupDlgA
LoadAlterBitmap
ReplaceTextW
FindTextW

advapi32

CryptEnumProviderTypesW
CryptGetHashParam
RegCreateKeyExW
CryptDestroyHash
StartServiceW
CryptCreateHash
RegEnumKeyA
CryptSetProviderA
RegRestoreKeyW
CryptContextAddRef
RegConnectRegistryW
CryptGetKeyParam
CryptVerifySignatureW
RegEnumKeyW
RegSetKeySecurity
CryptGetDefaultProviderW
RegDeleteValueW
CryptExportKey
RegLoadKeyA
DuplicateToken
CryptSetProviderExA

kernel32

GetCPInfo
GetLastError
GetModuleFileNameW
GetSystemTimeAsFileTime
EnumSystemCodePagesW
GetTickCount
QueryPerformanceCounter
GetVersion
InitializeCriticalSection
GetCurrentThreadId
GetCurrentThread
WriteFile
GetEnvironmentStringsW
ExitProcess
RtlUnwind
TlsFree
LoadLibraryA
TlsGetValue
EnterCriticalSection
GetCurrentProcessId
GetStartupInfoA
TlsSetValue
GetStartupInfoW
TlsAlloc
GlobalUnlock
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCurrentProcess
UnhandledExceptionFilter
VirtualAlloc
GetCommandLineA
HeapCreate
HeapReAlloc
InterlockedExchange
VirtualFree
SetFileAttributesW
TerminateProcess
GetModuleFileNameA
SetConsoleTextAttribute
GetModuleHandleA
LeaveCriticalSection
SetLastError
HeapFree
CreateToolhelp32Snapshot
WaitForMultipleObjects
VirtualQuery
GetStdHandle
MultiByteToWideChar
SetHandleCount
IsBadWritePtr
CreateFileMappingA
DeleteCriticalSection
HeapDestroy
HeapAlloc
GetEnvironmentStrings
GetProcAddress
GetProcAddress
lstrcmpi
GetFileType

shell32

ExtractIconA
SHGetFileInfoW
SHEmptyRecycleBinA
ShellExecuteExA
ExtractIconW
ShellHookProc
SHGetInstanceExplorer
RealShellExecuteExA
CommandLineToArgvW
SHAddToRecentDocs

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1ffd84b9d6d719a94e0c525b7ee1054

Headers

File Characteristics

Imports

user32

gdi32

comdlg32

advapi32

kernel32

shell32

Sections

.text Size: 100KB - Virtual size: 99KB

.data Size: 129KB - Virtual size: 129KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 100KB - Virtual size: 99KB

.data
Size: 129KB - Virtual size: 129KB

.rsrc
Size: 2KB - Virtual size: 1KB