78de308502360f833bac111d73a38788ccf0fb8cd13ae0083edb07e5289aebc4

General

Target

78de308502360f833bac111d73a38788ccf0fb8cd13ae0083edb07e5289aebc4
Size

98KB
MD5

bcaea67200384a7e3bc0566b66c62ec9
SHA1

397c32631a578c959647713d9ef77b8ced153b82
SHA256

78de308502360f833bac111d73a38788ccf0fb8cd13ae0083edb07e5289aebc4
SHA512

1064e0dfe7c7fddd4cb5d315e4d276aea331bdda9bfb7299e69c9c16b7f42fd235f57e89077d25c71584995f6c71a5743e43f54b82a4075b41cfa7be8d4b043e
SSDEEP

1536:FlTdTc1He2/7HKiQrGxO1yT+OajkqwvacP0bAKX2PXmA1CaTkO9c:FZ74btxO1O+OajkqwdP4JXeXv1CEkP

Score

N/A

Malware Config

Signatures

Files

78de308502360f833bac111d73a38788ccf0fb8cd13ae0083edb07e5289aebc4
.exe windows x86

ae89ac1b39531c105867d60d84904da2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_stricmp
memset

shlwapi

PathMakePrettyW
StrDupW

gdi32

DPtoLP
Polygon
StartPage
EnumFontFamiliesW
SetTextAlign
GetMapMode

kernel32

GetCurrentThreadId
CallNamedPipeW
ExitProcess
MoveFileA
OpenEventW
CompareStringW
InterlockedExchange
GetCurrentProcessId
lstrcmpiW
InterlockedExchangeAdd
SetCommBreak

user32

ShowScrollBar
SetDlgItemTextW
GetMenuStringW
IsDialogMessageW
CharNextA
GetNextDlgTabItem
SendInput
CheckDlgButton
DestroyCursor
LoadCursorW
GetClassInfoExA
SwitchToThisWindow
OffsetRect

Exports

Exports

?_Hufhs_aK_Gj_@@YGXK@Z
?E_FZX_UK_LI_@@YGGJ@Z
?E_ub_wkgvO@@YGHPAEPA_N@Z
?qHLwODNmwdqzCYK@@YGDE@Z
?_LRDWBwl@@YGDPAJPAI@Z
?cwknZD_AYPLI@@YGPAHPAE@Z

Sections

.code
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 326B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae89ac1b39531c105867d60d84904da2

Headers

File Characteristics

Imports

ntdll

shlwapi

gdi32

kernel32

user32

Exports

Exports

Sections

.code Size: 23KB - Virtual size: 22KB

.data Size: 64KB - Virtual size: 187KB

.rdata Size: 1024B - Virtual size: 584B

.import Size: 1024B - Virtual size: 880B

.edata Size: 512B - Virtual size: 326B

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.code
Size: 23KB - Virtual size: 22KB

.data
Size: 64KB - Virtual size: 187KB

.rdata
Size: 1024B - Virtual size: 584B

.import
Size: 1024B - Virtual size: 880B

.edata
Size: 512B - Virtual size: 326B

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB