8665fe50b9dad146807509e95f899e6948c019de6a99ffa67c64a8ed3c68d1b4

Sharing

Copy URL Twitter E-mail

General

Target

8665fe50b9dad146807509e95f899e6948c019de6a99ffa67c64a8ed3c68d1b4
Size

252KB
MD5

3b0494e41cd9f83552d638847c83a930
SHA1

4f299c6695c699496cd9b831534249653d439ee9
SHA256

8665fe50b9dad146807509e95f899e6948c019de6a99ffa67c64a8ed3c68d1b4
SHA512

05e5b4d06dcc9221199edbedf5b9577038e28e4c43046bfa6120bdacb0d26a946fe58baafb1816b6b87f0d8ebe4d87f37d8be7f80e7ab1dc367b80e5d8707720
SSDEEP

6144:D4JRVXFSuYvfdJU1sQ8mPsAFepqXx9S5QPNCUPPll:cJRP8asQvPsbgXzS5QPgyPll

Score

N/A

Malware Config

Signatures

Files

8665fe50b9dad146807509e95f899e6948c019de6a99ffa67c64a8ed3c68d1b4
.exe windows x86

85976c1e81174cd7296b7f7222fe51fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControls

hhctrl.ocx

HtmlHelpA

ole32

CoTaskMemFree

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA

mdabase

CreateShrinker
ErrorToString
GetShrinkerSize
ReleaseShrinker
RemoveStreams

kernel32

CloseHandle
CreateEventA
CreateFileA
ExitProcess
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetProcAddress
GetStdHandle
GetTempFileNameA
GetTempPathA
GetVersion
LoadLibraryA
MultiByteToWideChar
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpiA
lstrcpyA
lstrlenA

user32

CharUpperA
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
LoadIconA
LoadImageA
LoadStringA
MessageBoxA
PeekMessageA
SendDlgItemMessageA
SendMessageA
SetClassLongA
SetDlgItemTextA
wsprintfA

Sections

AUTO
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 63KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 160KB - Virtual size: 420KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

85976c1e81174cd7296b7f7222fe51fe

Headers

File Characteristics

Imports

comctl32

hhctrl.ocx

ole32

shell32

mdabase

kernel32

user32

Sections

AUTO Size: 24KB - Virtual size: 23KB

.idata Size: 2KB - Virtual size: 1KB

DGROUP Size: 1024B - Virtual size: 5KB

.reloc Size: 1KB - Virtual size:

.rsrc Size: 63KB - Virtual size:

.vmp0 Size: 160KB - Virtual size: 420KB

AUTO
Size: 24KB - Virtual size: 23KB

.idata
Size: 2KB - Virtual size: 1KB

DGROUP
Size: 1024B - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size:

.rsrc
Size: 63KB - Virtual size:

.vmp0
Size: 160KB - Virtual size: 420KB