c36c53591faff2e75996674b4fd80a51efcda151d046be23294aef0418a2090f

Sharing

Copy URL Twitter E-mail

General

Target

c36c53591faff2e75996674b4fd80a51efcda151d046be23294aef0418a2090f
Size

17KB
MD5

bd301f07aba21fefbfc1f1a6e314b2ff
SHA1

d02b363fd7d2f77c7c8cd8da797844d101a687ee
SHA256

c36c53591faff2e75996674b4fd80a51efcda151d046be23294aef0418a2090f
SHA512

4026cac9d5b7ec20acc38e45bf5a8caac8d88f17ad37e988249d2588cfc4bc7cf12883a1007ce16488ce4bb570564dbe4c8e96e6aeeab397d41ba74781bd3e36
SSDEEP

192:UqRGGvX/qRBggZQGKSFaSsGar8ERkFeePtcjYPgvyp+3a15K0+8m4hND3koxYc:UqX/KmSFanYIrLaWa15rxm49

Score

N/A

Malware Config

Signatures

Files

c36c53591faff2e75996674b4fd80a51efcda151d046be23294aef0418a2090f
.exe windows x86

bf8c151593655cae1ae89c0cf4655f48

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA

msvcrt

memset

user32

LoadBitmapW

advapi32

RegOpenKeyExW

shlwapi

UrlUnescapeA
wvnsprintfW
wnsprintfW
AssocQueryStringByKeyA
AssocQueryStringByKeyW
ChrCmpIA
ColorAdjustLuma
ColorHLSToRGB
ColorRGBToHLS
HashData
PathAddBackslashW
PathAddExtensionW
PathAppendA
PathBuildRootA
PathBuildRootW
PathCanonicalizeA
PathCombineA
PathCommonPrefixA
PathCommonPrefixW
PathCompactPathW
PathCreateFromUrlW
PathFindFileNameA
PathFindFileNameW
PathFindOnPathA
PathFindSuffixArrayW
PathGetCharTypeW
PathIsContentTypeA
PathIsDirectoryEmptyW
PathIsFileSpecA
PathIsLFNFileSpecW
PathIsNetworkPathW
PathIsPrefixA
PathIsRelativeW
PathIsSameRootA
PathIsSystemFolderW
PathMakePrettyA
PathMakePrettyW
PathMakeSystemFolderW
PathRemoveBackslashW
PathStripPathA
PathUndecorateA
PathUndecorateW
PathUnmakeSystemFolderA
SHCopyKeyW
SHDeleteEmptyKeyW
SHDeleteValueW
SHGetInverseCMAP
SHOpenRegStream2W
SHQueryValueExW
SHRegCloseUSKey
SHRegEnumUSKeyA
SHRegEnumUSValueW
SHRegGetPathW
SHRegGetUSValueA
SHRegOpenUSKeyA
SHRegQueryInfoUSKeyA
SHRegQueryInfoUSKeyW
SHRegQueryUSValueA
SHRegSetPathA
SHRegSetPathW
SHRegSetUSValueA
StrCSpnA
StrCSpnIW
StrCatBuffA
StrCatBuffW
StrCmpNIW
StrCpyNW
StrCpyW
StrDupA
StrDupW
StrFormatByteSizeW
StrFormatKBSizeW
StrFromTimeIntervalA
StrIsIntlEqualW
StrPBrkW
StrRChrA
StrRChrIA
StrStrA
StrToIntExA
StrTrimW
UrlApplySchemeA
UrlCanonicalizeW
UrlIsNoHistoryA
UrlIsOpaqueW

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf8c151593655cae1ae89c0cf4655f48

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

shlwapi

version

Sections

.text Size: 4KB - Virtual size: 4KB

.text1 Size: 1024B - Virtual size: 800B

.text2 Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 136B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 4KB

.text1
Size: 1024B - Virtual size: 800B

.text2
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 136B

.rsrc
Size: 2KB - Virtual size: 1KB