ecf50f6f9bf0c8f52555fd2438ffbc6a841f133de258fd2806ef8600998374d3

Sharing

Copy URL Twitter E-mail

General

Target

ecf50f6f9bf0c8f52555fd2438ffbc6a841f133de258fd2806ef8600998374d3
Size

112KB
MD5

f1c5efc4a64b4ef2205a60da74dcf3c4
SHA1

8359d8b9092bcdc0076342a45adfb083461d8801
SHA256

ecf50f6f9bf0c8f52555fd2438ffbc6a841f133de258fd2806ef8600998374d3
SHA512

3b56fc0be3fc9b1eb4a6c563119b16b0886be0d9f989257cdd4242bac455f07b2602723c4659ad005fb0497033fc8dcb36f78934b5dcfb741278554c010a81f4
SSDEEP

3072:2JFigCTXwgm65dfvE3ZzBOSsP6VPhClqIyYyRzbBi2vPXP6THUWHNWILv6dfql:2JggCTXwfsf/

Score

N/A

Malware Config

Signatures

Files

ecf50f6f9bf0c8f52555fd2438ffbc6a841f133de258fd2806ef8600998374d3
.exe windows x86

a0b9d42fb5aee61a98ab962e2f21b183

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetThreadLocale
GetVersionExW
MultiByteToWideChar
Sleep
ExitProcess
CloseHandle
CreateFileW
GetFileAttributesW
GetLocalTime
GetTempPathW
OutputDebugStringW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
lstrlenA
SetUnhandledExceptionFilter
GetTickCount
GetProcAddress
LoadLibraryA
OutputDebugStringA
VirtualProtect
VirtualFree
VirtualAlloc
FlushInstructionCache
GetCurrentProcess
InterlockedIncrement
GlobalFree
InterlockedDecrement
GlobalAlloc
WideCharToMultiByte
GetModuleHandleW
CreateThread
HeapSize
ReadFile
SetEndOfFile
GetSystemInfo
GetACP
GetCurrentProcessId
QueryPerformanceCounter
InitializeCriticalSection
CreateFileA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
GetOEMCP
SetFilePointer
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
TerminateProcess
HeapReAlloc
DeleteCriticalSection
HeapCreate
HeapDestroy
LeaveCriticalSection
EnterCriticalSection
TlsGetValue
TlsSetValue
TlsFree
GetLastError
GetCurrentThreadId
SetLastError
TlsAlloc
VirtualQuery
GetVersionExA
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedExchange
GetStartupInfoA
GetModuleHandleA
RtlUnwind
HeapFree
HeapAlloc

user32

GetWindow
PostMessageW
SetWindowTextW
SendMessageW
wsprintfW
FindWindowExW
GetClassNameW
GetClassInfoExW
RegisterClassExW
DialogBoxParamW
CallWindowProcW
UpdateWindow
CreateDialogParamW
MoveWindow
RedrawWindow
GetWindowTextW
GetDlgItem
GetMenu
EndDialog
SetWindowLongW
DestroyWindow
ShowWindow
SetFocus
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
PostQuitMessage
DefWindowProcW
CreateAcceleratorTableW
GetClientRect
SetWindowPos
GetWindowLongW
GetWindowRect
GetParent
ScreenToClient

shell32

SHGetFolderPathA
SHGetFolderPathW

ole32

OleInitialize
CoGetClassObject
OleSetContainedObject

oleaut32

DispCallFunc
VariantInit
SysAllocString
VariantClear

wininet

InternetSetOptionW

comctl32

ord17

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0b9d42fb5aee61a98ab962e2f21b183

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

oleaut32

wininet

comctl32

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 2KB