91f5b4e294934fd96f556e5f010c0d6db44727552646fb544c25144dfbc6301e

General

Target

91f5b4e294934fd96f556e5f010c0d6db44727552646fb544c25144dfbc6301e
Size

68KB
MD5

670a808608a541a7dad8a40f49922cb6
SHA1

7950d69e18e0bee532e609dc1d7630f836cf571a
SHA256

91f5b4e294934fd96f556e5f010c0d6db44727552646fb544c25144dfbc6301e
SHA512

a96b818c7f95ebcb37a7ca4c1976608b984a8e70c67c3a9373ca9c2dfd4adc79a1a584064ce6bf9046db13e754f73e625bd1323ff0db4d7b7b739c12f1deea08
SSDEEP

1536:8PEBid2CKTF8qyfZGT7HdV+dVN2zo7vc+LAp7Jq:8PEY25T2pB079V8VN2Iv5Ep7

Score

N/A

Malware Config

Signatures

Files

91f5b4e294934fd96f556e5f010c0d6db44727552646fb544c25144dfbc6301e
.exe windows x86

372dd232d19b84b4d77a17416dd284a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
free
modf
memmove
_CIfmod
sprintf
_CIpow
strncmp
??2@YAPAXI@Z
strrchr
_ftol
atoi
??3@YAXPAX@Z
strncpy
_strnicmp

user32

GetWindowThreadProcessId
MessageBoxA
wsprintfA
GetClassNameA
GetWindowTextA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
EnumWindows

kernel32

Sleep
GetCurrentDirectoryA
IsBadReadPtr
HeapReAlloc
WaitForSingleObject
ExitProcess
GetModuleHandleA
GetProcessHeap
WriteProcessMemory
GetStartupInfoA
MultiByteToWideChar
WideCharToMultiByte
HeapAlloc
HeapFree
LCMapStringA
CreateProcessA
OpenProcess
GetProcessTimes
CloseHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateThread
VirtualQueryEx
ReadProcessMemory

shlwapi

PathFileExistsA

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

ole32

CLSIDFromProgID
CoCreateInstance
OleRun
CoUninitialize
CoInitialize
CLSIDFromString

oleaut32

RegisterTypeLi
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy
LoadTypeLi

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

372dd232d19b84b4d77a17416dd284a5

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

shlwapi

advapi32

ole32

oleaut32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 54KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 54KB

.rsrc
Size: 16KB - Virtual size: 15KB