e0ddf07a9bee0f2516e75ef1e54d867db4c2d1f6dadeaebf925c14dcd1df6d18

Sharing

Copy URL Twitter E-mail

General

Target

e0ddf07a9bee0f2516e75ef1e54d867db4c2d1f6dadeaebf925c14dcd1df6d18
Size

140KB
MD5

528b1bf207d81b6738b4201c88319aeb
SHA1

26169b3b61c4361202c5bc770a13c62a142228d3
SHA256

e0ddf07a9bee0f2516e75ef1e54d867db4c2d1f6dadeaebf925c14dcd1df6d18
SHA512

3527e7f052253915eaadf86bc88b0099be7eff959ccbeebff073c9339160898c23187e39fa243cecaa3f1c00124867610345bf9607dce73ab08c833ccb8436d2
SSDEEP

3072:1TQ1CODt+tnJTQRqWWHb9/xImlGvb3cA1yBAyOzljVskBkWA:pnOB+tnhj79ZKhoBAlRjHBk

Score

N/A

Malware Config

Signatures

Files

e0ddf07a9bee0f2516e75ef1e54d867db4c2d1f6dadeaebf925c14dcd1df6d18
.exe windows x86

5b1d002749e05b15c88e0ef717a06f5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid
OleCreateStaticFromData

msvcrt

sprintf
tolower
calloc
wcscspn
malloc
fabs
tan
strncmp
strcmp

kernel32

CreateFileA
ExitProcess
GetTickCount
GetModuleHandleA
GetFullPathNameA
IsBadReadPtr
GetCommandLineA
HeapDestroy
GetCurrentProcess
MulDiv
CreateThread
GetModuleFileNameA
VirtualAlloc
MoveFileExA
GetDateFormatA
FormatMessageA
GetCommandLineW
GetLastError
VirtualQuery
LoadLibraryExA
WideCharToMultiByte
lstrlenW
GetACP
LocalAlloc
lstrlenA
GetOEMCP
GetModuleHandleA
GetProcAddress
ExitProcess
IsBadHugeReadPtr
ExitThread
WaitForSingleObject
VirtualFree
WriteFile
IsBadReadPtr
lstrcpyA
VirtualAlloc

comdlg32

GetFileTitleA
GetOpenFileNameA
FindTextA
GetSaveFileNameA

gdi32

SetBkColor
GetDIBits
GetClipBox
CopyEnhMetaFileA
CreateFontIndirectA

user32

RegisterClassA
RegisterClipboardFormatA
GetKeyboardLayout

shell32

SHGetDiskFreeSpaceA
DragQueryFileA
SHFileOperationA
SHGetDesktopFolder

advapi32

RegQueryValueA
RegLoadKeyA
RegEnumValueA
RegOpenKeyA

version

GetFileVersionInfoA

oleaut32

GetErrorInfo
RegisterTypeLib
SysAllocStringLen
VariantCopyInd
SysStringLen

shlwapi

PathFileExistsA
SHDeleteKeyA
SHStrDupA
SHSetValueA
SHQueryValueExA
PathGetCharTypeA
SHEnumValueA
PathIsDirectoryA
SHQueryInfoKeyA
PathIsContentTypeA

comctl32

ImageList_Read
ImageList_Draw

Sections

CODE
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b1d002749e05b15c88e0ef717a06f5e

Headers

File Characteristics

Imports

ole32

msvcrt

kernel32

comdlg32

gdi32

user32

shell32

advapi32

version

oleaut32

shlwapi

comctl32

Sections

CODE Size: 48KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 1KB

.cdata Size: 4KB - Virtual size: 1KB

DATA Size: 64KB - Virtual size: 62KB

.fdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 832B

CODE
Size: 48KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 1KB

.cdata
Size: 4KB - Virtual size: 1KB

DATA
Size: 64KB - Virtual size: 62KB

.fdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 832B