942fc71d2d25720b85a5f46369af844fc19c3c20a5d3e979c3d4fa1491228577

Sharing

Copy URL Twitter E-mail

General

Target

942fc71d2d25720b85a5f46369af844fc19c3c20a5d3e979c3d4fa1491228577
Size

92KB
MD5

118f02b9374b6894e8d07922cdfeb8d0
SHA1

bb4ad69052421df655c5fb3a435bbe1bdcfada5e
SHA256

942fc71d2d25720b85a5f46369af844fc19c3c20a5d3e979c3d4fa1491228577
SHA512

7847bdbc6480228964f1a7fde9bb0a4b7dce163038adb4ac737c8b596efb4bd0cde0e9391c0ddac1c399ee7576d2cabfd4462dda3b91eafc6ca59461c23785f5
SSDEEP

1536:RxX2uazNr/vrziKczZrtZwhC+WZHbh8II4t8lpLav88OuotZzq:zmXd/TziKczZrT+gl8kv9OuotZzq

Score

N/A

Malware Config

Signatures

Files

942fc71d2d25720b85a5f46369af844fc19c3c20a5d3e979c3d4fa1491228577
.exe windows x86

7292e2f6de943a7978873025105d1259

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetExitCodeProcess
WaitForSingleObject
CreateFileMappingA
CreateMutexA
FormatMessageA
CreateProcessA
UnmapViewOfFile
GetVolumeInformationA
MapViewOfFileEx
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
CreateEventA
WaitForMultipleObjects
FindFirstFileA
RtlUnwind
HeapAlloc
CompareStringA
CompareStringW
GetStringTypeW
GetStringTypeA
SetStdHandle
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
GetFileType
GetStdHandle
FlushFileBuffers
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetOEMCP
VirtualAlloc
VirtualFree
IsBadWritePtr
ExitProcess
HeapDestroy
LCMapStringW
HeapCreate
FindNextFileA
TerminateProcess
MultiByteToWideChar
FindClose
SetFilePointer
SetEndOfFile
GetFileSize
ReadFile
DeleteFileA
GetLastError
WideCharToMultiByte
WriteFile
SetEnvironmentVariableA
GetDriveTypeA
CloseHandle
CreateFileA
HeapReAlloc
GetVersion
HeapSize
LCMapStringA
GetCurrentDirectoryA
GetFullPathNameA
GetCommandLineA
SetCurrentDirectoryA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
GetModuleHandleA
GetStartupInfoA

user32

UpdateWindow
PostQuitMessage
CreateDialogParamA
SetForegroundWindow
ShowWindow
GetDlgItem
DestroyWindow
SendMessageA
InvalidateRect
GetClientRect
ExitWindowsEx
PostThreadMessageA
SetWindowTextA
PeekMessageA
GetMessageA
LoadStringA
DialogBoxParamA
TranslateMessage
DispatchMessageA
SendDlgItemMessageA
EndDialog
MessageBoxA
BeginPaint
ReleaseDC
EndPaint
GetDC

gdi32

SelectPalette
SelectObject
DeleteObject
CreateDIBitmap
RealizePalette
CreatePalette
DeleteDC
StretchBlt
SetStretchBltMode
GetObjectA
CreateCompatibleDC

advapi32

OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA

shell32

ShellExecuteA

comctl32

ord17

Exports

Exports

?CDAPFN0506_SendProtectMessage@@3UCDAPFN_PROPERTIES@@A
?PatchCallBack@@YGPAXIPAX@Z

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7292e2f6de943a7978873025105d1259

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 8KB - Virtual size: 8KB