5866ca8f4cf8fc91b2292ce26694f0e9a6395b6ed4509e5d4b51f47d37b52940

Sharing

Copy URL Twitter E-mail

General

Target

5866ca8f4cf8fc91b2292ce26694f0e9a6395b6ed4509e5d4b51f47d37b52940
Size

161KB
MD5

12627b1f17cb3189442011817727022b
SHA1

3d4c9864a4c419ba452b6715446e851c403b4981
SHA256

5866ca8f4cf8fc91b2292ce26694f0e9a6395b6ed4509e5d4b51f47d37b52940
SHA512

2b45b8b48d5498c54b95328f7b39b695577c492439d51cc2fdc763a87ce29c7802f7fa3a494be8da54072b7d716c311108e38d49f67fcf46d90a14e430a12655
SSDEEP

3072:I91LOZr9gmW1BWMXO0tLr2jA237AIiO1+f3zn49:2LOZZgmWzZOc2jA20gw3zK

Score

N/A

Malware Config

Signatures

Files

5866ca8f4cf8fc91b2292ce26694f0e9a6395b6ed4509e5d4b51f47d37b52940
.exe windows x86

a6d4eea0c053db24afd130b789d6e132

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
GetProcessHeap
GetFileAttributesA
CreateDirectoryA
FileTimeToSystemTime
VirtualProtectEx
lstrlenW
GetStringTypeExA
SetHandleCount
GetModuleHandleW
CreateFileMappingA
lstrcmpiA
RtlUnwind
GetProcAddress
SetEnvironmentVariableA
GetCommandLineW
IsValidCodePage
SetCurrentDirectoryA

msvcrt

fflush
_controlfp
_adjust_fdiv
strcpy
strstr
fputc
__p__commode
_XcptFilter
__p__fmode
_initterm
_snprintf
_except_handler3
exit
__set_app_type
__p___initenv
__getmainargs
_exit
fclose
__setusermatherr
fread
malloc
free
fprintf
realloc
calloc

ole32

CreateStreamOnHGlobal
ProgIDFromCLSID
CoRegisterClassObject
CLSIDFromString
PropVariantClear
OleUninitialize
IIDFromString
CoReleaseMarshalData
StgOpenStorage
CoDisconnectObject
CreateILockBytesOnHGlobal

gdi32

GetObjectType
SetEnhMetaFileBits
SetTextCharacterExtra
GetWindowExtEx
RectInRegion
SetBkMode
GetEnhMetaFilePaletteEntries
GetDCOrgEx
PlayEnhMetaFile
SetViewportExtEx
CreateHalftonePalette
GetSystemPaletteEntries

user32

DefWindowProcA
CreateMenu
CallNextHookEx
SetCapture
CheckMenuItem
GetDC
PostMessageA
GetMessageA
LoadStringA
PostQuitMessage
DispatchMessageA
SendMessageA
AdjustWindowRectEx

comctl32

ImageList_Remove
ImageList_SetBkColor
ImageList_Replace
CreateToolbarEx
ImageList_Add
ImageList_EndDrag
CreateStatusWindowA
DestroyPropertySheetPage
ImageList_Read
ImageList_AddMasked
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_GetIconSize
CreatePropertySheetPageW
PropertySheetW

advapi32

RegQueryValueA
RegEnumKeyExW
ControlService
IsValidSid
InitializeSecurityDescriptor
AdjustTokenPrivileges

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6d4eea0c053db24afd130b789d6e132

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

gdi32

user32

comctl32

advapi32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 61KB

.rsrc Size: 10KB - Virtual size: 9KB

.mdata Size: 72KB - Virtual size: 72KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 61KB

.rsrc
Size: 10KB - Virtual size: 9KB

.mdata
Size: 72KB - Virtual size: 72KB