d2ff1a32b1862228f2bc776385359b14e80c542d3538b3e700b8e3bf6a5b720f

Sharing

Copy URL Twitter E-mail

General

Target

d2ff1a32b1862228f2bc776385359b14e80c542d3538b3e700b8e3bf6a5b720f
Size

96KB
MD5

56eff7d174c06eee1803f506aa301784
SHA1

96a2828d055e24242be339a70a00c8755b288143
SHA256

d2ff1a32b1862228f2bc776385359b14e80c542d3538b3e700b8e3bf6a5b720f
SHA512

a1ca12dbb97ba447ec8c3ed7269e1a9c6bd3230b0ae791b6bf03912c3e75a6c413beac0b8ac92a413d8f7139f0551430b9ae8839bb071585646a9b4d2d88aa49
SSDEEP

1536:dD++IsxHseQQ79CWSA2gYyTooT1T2FyRBXUBmOpMC1z:rIeMeQfbgYyTooKKBXwmOp91z

Score

N/A

Malware Config

Signatures

Files

d2ff1a32b1862228f2bc776385359b14e80c542d3538b3e700b8e3bf6a5b720f
.exe windows x86

4c75c743a734478ad0ca2e1552a82098

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetTickCount
CopyFileA
CreateDirectoryA
ExitProcess
DeleteFileA
GetModuleFileNameA
GetVolumeInformationA
SetErrorMode
ReadFile
GetDriveTypeA
GetLogicalDriveStringsA
SetFilePointer
GetLastError
GetProcAddress
GetFileSize
GetStringTypeA
LCMapStringW
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
RtlUnwind
GetFileType
GetStdHandle
MultiByteToWideChar
CreateThread
FreeLibrary
GlobalLock
GlobalUnlock
Sleep
ExitThread
FindFirstFileA
lstrcmpiA
FindNextFileA
lstrlenA
FindClose
GetEnvironmentVariableA
CreateFileA
WriteFile
CloseHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
GetStringTypeW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree

user32

CloseClipboard
GetClassNameA
SendMessageA
EnumChildWindows
GetClipboardData
OpenClipboard
GetAsyncKeyState
GetForegroundWindow
GetWindowTextA
SetWindowsHookExA
EnumWindows

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateDIBSection
DeleteDC
SaveDC
SelectObject
BitBlt
RestoreDC
DeleteObject
CreateDCA

advapi32

RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

oleaut32

SysFreeString
SysAllocStringLen

ws2_32

send
closesocket
connect
htons
gethostbyname
socket
WSACleanup
WSAStartup
recv

gdiplus

GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipFree
GdiplusStartup

shlwapi

PathFileExistsA

wininet

FtpPutFileA
InternetConnectA
InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c75c743a734478ad0ca2e1552a82098

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

ws2_32

gdiplus

shlwapi

wininet

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 36KB - Virtual size: 39KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 36KB - Virtual size: 39KB

.rsrc
Size: 8KB - Virtual size: 4KB