45471d158a06cad889f10493ad31f56d292c11c970f263e309a0093003f4d7c7

Sharing

Copy URL Twitter E-mail

General

Target

45471d158a06cad889f10493ad31f56d292c11c970f263e309a0093003f4d7c7
Size

120KB
MD5

754fa72b06e0f7084f73a57654b7e8ae
SHA1

e7ba438728e3dc83a24129a77e13969d763160dc
SHA256

45471d158a06cad889f10493ad31f56d292c11c970f263e309a0093003f4d7c7
SHA512

683d6984707ccedbf28a839093f1b9773135d8932d9e03390e56a602a7e503ec0b962eaaa43928383533937a7ff94e6a5bde403ae5fd7edd7efe86da1a8bf60f
SSDEEP

1536:3XOVSopXj4OyytdUj34FCRrRjSv/fkVK6C2DEJIB963nwvdSP/1lTHN/sKhVA+o6:HsTFrA4pv/fbhMoIz8TpsKhV0VmuNP5S

Score

N/A

Malware Config

Signatures

Files

45471d158a06cad889f10493ad31f56d292c11c970f263e309a0093003f4d7c7
.exe windows x86

cf6e627426eb1e7a6b7edffbc3a32d52

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EndPath
CreateCompatibleDC
SetBrushOrgEx
SetDIBitsToDevice
SetViewportOrgEx
GetCharWidth32W
SetBitmapBits
GetStockObject
SetDIBits
GetLayout
EndPage
CombineRgn
GetTextMetricsA
SetBitmapDimensionEx

shlwapi

ChrCmpIW
StrIsIntlEqualW
StrStrW

kernel32

CreateMutexA
GetLocaleInfoW
IsValidLanguageGroup
lstrcpyA
ExitProcess
GetCurrentProcessId
SetUnhandledExceptionFilter
GetBinaryTypeA
CreateFileMappingW
lstrlenW
lstrcpyW
GlobalHandle
DeleteFileW
GetThreadTimes
ExitThread
GetFileSize
DeleteAtom
InitializeCriticalSection
GetDateFormatA
FileTimeToDosDateTime

comctl32

ImageList_Read
ImageList_Destroy
ImageList_LoadImageW
PropertySheetW

user32

DrawTextExW
GetUserObjectInformationW
EnumThreadWindows
DrawStateA
IsCharLowerA
TranslateMessage
TranslateAcceleratorW
ShowCaret
EnableScrollBar
CharUpperBuffW
SetCursorPos
GetSysColor
SwitchToThisWindow
LoadImageA
SetRect
AppendMenuW
SetParent
DestroyMenu
GetClientRect
GetDlgItemTextA
ExitWindowsEx
PostMessageA
CreatePopupMenu
ShowOwnedPopups
SetScrollPos
AllowSetForegroundWindow
GetClassInfoW
IsIconic
RemoveMenu
BringWindowToTop
PostMessageW
GetActiveWindow

Exports

Exports

?UnloadKeyboardLayout@@YGXK_WH@Z

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf6e627426eb1e7a6b7edffbc3a32d52

Headers

File Characteristics

Imports

gdi32

shlwapi

kernel32

comctl32

user32

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 58KB

.data Size: 14KB - Virtual size: 153KB

.pdata Size: 51KB - Virtual size: 50KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 14KB - Virtual size: 153KB

.pdata
Size: 51KB - Virtual size: 50KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB