5e836c3edccff0c27da91195fe611ab7dcb2cf80921fa55be14d1ef098ef4d67

Sharing

Copy URL Twitter E-mail

General

Target

5e836c3edccff0c27da91195fe611ab7dcb2cf80921fa55be14d1ef098ef4d67
Size

89KB
MD5

0686940cf7881983983746f757708f30
SHA1

e298bf0e72694122e35a531250c0cae124c80e03
SHA256

5e836c3edccff0c27da91195fe611ab7dcb2cf80921fa55be14d1ef098ef4d67
SHA512

bbd26de9e488433209344545a6c9f3eda6ab9f2031019bcf767a133f6e0a2817ecb04b5727df966d2e0e0a6588dfcf1e37a9be3b5ffbe1dd5952c06e52dc4b79
SSDEEP

1536:J0ZhnazxfGloOzCECw5kzbRF/e//FILLBoxpaIWOlfqyVaOR:SazVGloOzNC+Mze/tGexYIWOF3R

Score

N/A

Malware Config

Signatures

Files

5e836c3edccff0c27da91195fe611ab7dcb2cf80921fa55be14d1ef098ef4d67
.exe windows x86

381c800ac68c65e8e7d6477239cbbea4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_iob
_exit
calloc
strrchr
_acmdln
_adjust_fdiv
__set_app_type
__getmainargs
__setusermatherr
__p__commode
sqrt
_except_handler3
_write
__dllonexit
exit
sprintf
abort
_initterm
free
__p__fmode
fputc
memmove
_stricmp

kernel32

GetCurrentProcess
FileTimeToSystemTime
GetTempPathA
GetModuleHandleW
CreateDirectoryA
GetFileAttributesW
GetShortPathNameA
GetCPInfo
GetStartupInfoA
ReadFile
WriteFile
GlobalUnlock
WriteConsoleA
FreeLibrary
GetModuleFileNameW
SetUnhandledExceptionFilter
GetLocaleInfoW
GetLocaleInfoA
VirtualFree
WaitForSingleObject

user32

CreateWindowExA
PeekMessageA
GetForegroundWindow
UpdateWindow
ShowWindow
GetDlgItem
WaitMessage
PtInRect
SetWindowLongA
GetWindowRect
ScreenToClient
InflateRect
IsDialogMessageA

comctl32

CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_Read
CreateStatusWindowA
ImageList_Add
ImageList_LoadImageW

advapi32

CloseServiceHandle
RegEnumKeyA
OpenSCManagerA
RegDeleteValueW
GetTokenInformation
RegSetValueExW
GetUserNameA
AllocateAndInitializeSid
SetSecurityDescriptorDacl
RegOpenKeyExW
CryptGenRandom

oleaut32

SafeArrayGetElement
VariantCopy
GetActiveObject
SafeArrayGetUBound
SafeArrayPtrOfIndex
VariantInit
SysReAllocStringLen

gdi32

ExtCreatePen
GetSystemPaletteEntries
SelectObject
LineTo
ExtFloodFill
BitBlt
GetTextExtentPointW
DeleteEnhMetaFile
GetNearestPaletteIndex
ExtEscape
GetBitmapBits
GetDCOrgEx

ole32

StgOpenStorageOnILockBytes
StgOpenStorage
CoTaskMemFree
OleGetClipboard
CoSetProxyBlanket
CoRegisterClassObject
CoReleaseMarshalData
CreateILockBytesOnHGlobal
CoLoadLibrary

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

381c800ac68c65e8e7d6477239cbbea4

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

comctl32

advapi32

oleaut32

gdi32

ole32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 62KB - Virtual size: 61KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 62KB - Virtual size: 61KB

.rsrc
Size: 3KB - Virtual size: 2KB