a19d0515eaa76c7e7ca04e0c15842d9dae2a73983e977f0c4f68f2fa80570ca1

Sharing

Copy URL

Twitter E-mail

General

Target

a19d0515eaa76c7e7ca04e0c15842d9dae2a73983e977f0c4f68f2fa80570ca1
Size

308KB
MD5

61b2514d72312fe06aa74256606cd10f
SHA1

bb4229520872564d8215ff083ef7d1ecf9de2d87
SHA256

a19d0515eaa76c7e7ca04e0c15842d9dae2a73983e977f0c4f68f2fa80570ca1
SHA512

3cef87b918e8f12c814494917f22206cc6bb0332c7b2e0720d4be8c4fe364ff9bafbf8c7c74a63f55c3900ed53bc09d1d2a3444d43eb0ae2d9968119c63886e3
SSDEEP

3072:qfMk/8GOz0jQMG7ddv3iVIQSJ4BQbpNbiM+TWAQCLZoj3vUQVx7NKb4JT:qkk/89LXHD+QbKTHgU27gb4J

Score

N/A

Malware Config

Signatures

Files

a19d0515eaa76c7e7ca04e0c15842d9dae2a73983e977f0c4f68f2fa80570ca1
.exe windows x86

5fafe895765a36cb07bca299aa89b323

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgOpenStorage
CLSIDFromProgID
CoCreateInstance
CreateBindCtx
OleRun
WriteClassStg
CoTaskMemFree
StringFromGUID2
StgCreateDocfile
ReadClassStm
ReleaseStgMedium
WriteClassStm
OleRegGetUserType
CoFreeUnusedLibraries
ReadClassStg
CreateStreamOnHGlobal

gdi32

GetRgnBox
GetTextMetricsA
CreateCompatibleDC
CreateRectRgnIndirect
DeleteMetaFile
GetTextExtentPoint32A
DeleteDC
CreateDCA
CreateMetaFileA
GetObjectA
CloseMetaFile

advapi32

RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA

urlmon

CreateAsyncBindCtx
CreateURLMoniker
RegisterBindStatusCallback

kernel32

GetStringTypeExA
GetLocaleInfoA
CompareStringW
GetCurrentProcessId
lstrlenW
GetProcessHeap
HeapAlloc
Sleep
lstrcmpiW
InterlockedExchange
IsDebuggerPresent
GetProcessVersion
GetModuleFileNameA
GetACP
WideCharToMultiByte
GetCurrentThreadId
CompareStringA
GetVersionExA
lstrlenA
FormatMessageA
InterlockedDecrement
MultiByteToWideChar
ExitProcess
GetVersion
GetSystemTimeAsFileTime
FreeLibrary
LoadLibraryA
GetTickCount
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcAddress
GetCurrentProcessId
HeapFree
GetStartupInfoA
QueryPerformanceCounter
GetEnvironmentVariableA
GetThreadLocale
GetStringTypeExW
InterlockedCompareExchange
TerminateProcess
lstrcmpiA
GetLastError
GetEnvironmentVariableW
OutputDebugStringA
GetUserDefaultLCID

ddraw

DirectDrawCreate
DirectDrawEnumerateA
DirectDrawCreateEx

shlwapi

PathCompactPathA

user32

GetUpdateRect
GetSysColor
CharUpperA
GetCursorPos
UpdateWindow
EqualRect
GetWindowRect
LoadMenuA
ReleaseDC
SetRectEmpty
CharLowerW
InvalidateRect
UnionRect
OffsetRect
GetParent
ScreenToClient
CharLowerA
EnableWindow
ReleaseCapture
IsClipboardFormatAvailable
GetClientRect
SendMessageA
GetSubMenu
GetKeyState
GetClassInfoA
EnableMenuItem
RegisterClipboardFormatA
SetCapture
InvalidateRgn
GetDC
PtInRect
PostMessageA
InflateRect
GetSysColorBrush
IntersectRect
CharUpperW
IsRectEmpty

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5fafe895765a36cb07bca299aa89b323

Headers

File Characteristics

Imports

ole32

gdi32

advapi32

urlmon

kernel32

ddraw

shlwapi

user32

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 61KB - Virtual size: 60KB

.rsrc Size: 112KB - Virtual size: 136KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 61KB - Virtual size: 60KB

.rsrc
Size: 112KB - Virtual size: 136KB