d80036b4e983db4f66f42433811607a6dac47f4238479acc27cf5165f726fdb6

Sharing

Copy URL

Twitter E-mail

General

Target

d80036b4e983db4f66f42433811607a6dac47f4238479acc27cf5165f726fdb6
Size

1.4MB
MD5

e68714b8f449711bafbc1f72d196ad44
SHA1

f7b4ab04c6cd4df5dd85db3a598b0abbf28ec75d
SHA256

d80036b4e983db4f66f42433811607a6dac47f4238479acc27cf5165f726fdb6
SHA512

2fe42d52a65fe1bbe7263f209c0b3eb007a59af080a7051168dced52f19f2055b28af31335d085d252ba3bde8c00807c38bd7b684d312b1d4f999cfd71ec6d08
SSDEEP

24576:xtES5SiSaSlS1SWSNSnSrS+SgSwScSLSDSHSmSISxSESwSYSZSlSeSFSxS4SVSx1:

Score

N/A

Malware Config

Signatures

Files

d80036b4e983db4f66f42433811607a6dac47f4238479acc27cf5165f726fdb6
.exe windows x86

fa47a5dbaf89fde5a7fc3ba119cf2052

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
MultiByteToWideChar
FreeLibrary
GetStringTypeA
WriteFile
GetStdHandle
GetFileType
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
RemoveDirectoryA
UnhandledExceptionFilter
RtlUnwind
GetCurrentProcess
TerminateProcess
ExitProcess
HeapCreate
LCMapStringW
WideCharToMultiByte
LCMapStringA
HeapAlloc
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
HeapFree
FindNextFileA
DeleteFileA
LoadLibraryA
GetProcAddress
CreateDirectoryA
GetFileAttributesA
FindFirstFileA
FindClose
CopyFileA
SetCurrentDirectoryA
WinExec
GetVersion
FreeEnvironmentStringsA
GetModuleFileNameA
GetStringTypeW

user32

GetParent
RegisterClassA
FindWindowA
LoadCursorA
EnableWindow
PostQuitMessage
GetWindowTextA
EndDialog
GetSystemMetrics
LoadIconA
SetClassLongA
CallWindowProcA
PeekMessageA
MoveWindow
GetWindowWord
GetWindowLongA
IsDialogMessageA
DialogBoxParamA
CreateDialogParamA
EnumWindows
wsprintfA
GetClassNameA
CreateWindowExA
DestroyWindow
IsWindow
ScreenToClient
SetWindowWord
SetWindowLongA
SetWindowTextA
SetActiveWindow
GetForegroundWindow
GetWindowThreadProcessId
SystemParametersInfoA
AttachThreadInput
SetForegroundWindow
GetWindowRect
SendDlgItemMessageA
SendMessageA
PostMessageA
BringWindowToTop
MessageBoxA
GetDlgItem
SetDlgItemTextA
GetDlgItemTextA
SetTimer
TranslateMessage
DispatchMessageA
GetMessageA
KillTimer
TranslateAcceleratorA
DefWindowProcA
ShowWindow
UpdateWindow

advapi32

GetUserNameA
RegCreateKeyExA
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA

shell32

SHGetMalloc
SHBrowseForFolder
SHGetPathFromIDList
ShellExecuteA
SHChangeNotify

ole32

CoInitialize
CoCreateInstance
CoUninitialize

comctl32

ord17

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.prdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fa47a5dbaf89fde5a7fc3ba119cf2052

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

comctl32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 3KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1.3MB - Virtual size: 1.3MB

.prdata Size: 60KB - Virtual size: 60KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1.3MB - Virtual size: 1.3MB

.prdata
Size: 60KB - Virtual size: 60KB