e7a653645fe653d24f931cc647edb063675fdde07edc686ebca32bcbd363967f

Sharing

Copy URL Twitter E-mail

General

Target

e7a653645fe653d24f931cc647edb063675fdde07edc686ebca32bcbd363967f
Size

24KB
MD5

f64a24b0578e3941e2fbc3db6038330f
SHA1

809ffdd4915c3f2ddae51f52fa523949ab875529
SHA256

e7a653645fe653d24f931cc647edb063675fdde07edc686ebca32bcbd363967f
SHA512

668bf4f5bc8ced1ce14bc07f4713c9e6fda80d9520593c84ef5090b5ae42435242b1936830ac5c96d52041ef7376ba95adfc31213726fbfbaa5ae29b63f1b0a2
SSDEEP

384:GDXXvKmsOJ1K07w81Xd7AaNoEwlHRxG6HFZlBfVRq3P4VzFPHD/inX0tHRIxgo4O:GDXfK1OJ11N78lxxRBBfVRq3P4VRjUXP

Score

N/A

Malware Config

Signatures

Files

e7a653645fe653d24f931cc647edb063675fdde07edc686ebca32bcbd363967f
.exe windows x86

4976650c66d0614aecaa4af1a8cb55f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

usp10

ScriptGetFontProperties

gdi32

CreateFontIndirectW
GetObjectW
GetDeviceCaps
GetStockObject
DeleteObject

msvcrt

wcsncmp
_adjust_fdiv
_vsnwprintf
_ultow
longjmp
free
memcpy
malloc
_initterm
_vsnprintf
memset
bsearch
_XcptFilter
_setjmp3
memmove
_amsg_exit
_wcsnicmp
_wtol
_wcsicmp
_wtoi

crypt32

CryptFormatObject

ole32

CoTaskMemFree
OleUninitialize
OleInitialize

setupapi

SetupQueueCopyW
SetupCommitFileQueueW
SetupSetDirectoryIdW
SetupOpenAppendInfFileW
SetupCloseInfFile
SetupFindNextLine
SetupInstallFromInfSectionW
SetupCloseFileQueue
SetupOpenFileQueue
SetupFindFirstLineW
SetupGetLineTextW
SetupOpenInfFileW
SetupGetStringFieldW
SetupInitDefaultQueueCallbackEx
SetupDefaultQueueCallbackW
SetupTermDefaultQueueCallback

user32

CreateDialogParamW
ExitWindowsEx
EndDialog
GetDlgItem
SetDlgItemTextW
CharPrevW
ReleaseDC
MessageBeep
CharNextA
IsWindow
MessageBoxW
MsgWaitForMultipleObjects
SetWindowTextW
CharUpperW
PeekMessageW
OemToCharA
DestroyWindow
GetWindowRect
SendMessageW
GetDesktopWindow
LoadStringW
GetSystemMetrics
CharNextW
UpdateWindow
SendDlgItemMessageW
GetDlgItemTextW
SetWindowPos
EnableWindow
GetDC
ShowWindow
DispatchMessageW
DialogBoxParamW

kernel32

WritePrivateProfileSectionW
MapViewOfFile
MoveFileW
InterlockedCompareExchange
GetEnvironmentVariableW
GetSystemInfo
GetProcAddress
GetCurrentThreadId
CreateFileW
GetDriveTypeW
GetPrivateProfileStringW
GetWindowsDirectoryW
GetFileTime
GetShortPathNameW
LocalReAlloc
SearchPathW
lstrcmpW
GetVolumeInformationW
ReadFile
VirtualAlloc
WriteFile
QueryPerformanceCounter
GetTempFileNameW
HeapAlloc
GetCurrentProcess
CloseHandle
LoadResource
UnmapViewOfFile
GetLocaleInfoW
lstrlenW
WritePrivateProfileStringW
CompareStringW
LoadLibraryW
RtlUnwind
FormatMessageW
GetTempPathW
FindResourceW
lstrlenA
RemoveDirectoryW
GetSystemDefaultUILanguage
lstrcmpiA
GetModuleFileNameW
TerminateProcess
UnhandledExceptionFilter
MoveFileExW
DeleteFileW
GetSystemDirectoryW
GetTickCount
CreateDirectoryW
GetLastError
GetFileSize
LocalFree
GetUserDefaultUILanguage
FindResourceExW
FreeLibrary
DisableThreadLibraryCalls
ExpandEnvironmentStringsW
EnumResourceLanguagesW
SizeofResource
CreateFileMappingW
GetSystemTimeAsFileTime
FindNextFileW
GetFileAttributesW
HeapFree
lstrcmpiW
LocalAlloc
LockResource
CreateProcessW
GetProfileStringW
GetPrivateProfileSectionW
SetFilePointer
Sleep
WideCharToMultiByte
SetFileTime
MultiByteToWideChar
GetFullPathNameW
LoadLibraryExW
FreeConsole
CopyFileW
FindFirstFileW
SetUnhandledExceptionFilter
MulDiv
SetFileAttributesW
SetLastError
InterlockedExchange
GetPrivateProfileIntW
GetLocalTime
GetCurrentProcessId
MapViewOfFileEx
GetDiskFreeSpaceW
GetProcessHeap

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathFileExistsW
StrStrIW
PathBuildRootW
StrRChrW
PathCombineW
PathRemoveFileSpecW
PathAppendW
StrChrW
PathAddBackslashW

Sections

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4976650c66d0614aecaa4af1a8cb55f8

Headers

DLL Characteristics

File Characteristics

Imports

usp10

gdi32

msvcrt

crypt32

ole32

setupapi

user32

kernel32

version

shlwapi

Sections

.rsrc Size: 12KB - Virtual size: 11KB

.text Size: 512B - Virtual size: 432B

.idata Size: 5KB - Virtual size: 5KB

.data Size: - Virtual size: 80KB

.rdata Size: 5KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 11KB

.text
Size: 512B - Virtual size: 432B

.idata
Size: 5KB - Virtual size: 5KB

.data
Size: - Virtual size: 80KB

.rdata
Size: 5KB - Virtual size: 4KB