d3f60bd48a6e2e7463cabbbb6c3a4e6fed0f88e1a29e55fec7542c411b1959b5

Sharing

Copy URL Twitter E-mail

General

Target

d3f60bd48a6e2e7463cabbbb6c3a4e6fed0f88e1a29e55fec7542c411b1959b5
Size

67KB
MD5

3f52fb4b49e9eaf565c0eaeaa69ffb72
SHA1

fcb1f90bffaf8537889e0b653f2ccf91e900b7d6
SHA256

d3f60bd48a6e2e7463cabbbb6c3a4e6fed0f88e1a29e55fec7542c411b1959b5
SHA512

677e804a36490d31eae3a2b10591ef8212e7a516ba903a9f5f17fd27f6dbd472bc0ff3220d07aad70ea9ab7ac13d2bca5ae77dc792f2b341141de1e08965f360
SSDEEP

1536:Nhc+jkseSHDFNdqZ/5AB/4RvWl5eWWei/u5Z:NhksnjlsomvWl425Z

Score

N/A

Malware Config

Signatures

Files

d3f60bd48a6e2e7463cabbbb6c3a4e6fed0f88e1a29e55fec7542c411b1959b5
.exe windows x86

510bee5e519b2f876c2db7ec6e4158e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteFileA
ExitProcess
GetACP
GetCommandLineA
GetLastError
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetStartupInfoA
HeapAlloc
InterlockedIncrement
LoadLibraryA
RtlUnwind
SetErrorMode
SetLastError
WritePrivateProfileSectionA
lstrcmpA
lstrlenA

advapi32

RegCloseKey
RegLoadKeyA
RegOpenKeyExA
RegQueryValueA
LookupPrivilegeValueA

ole32

OleSetClipboard
OleUninitialize
ReadClassStg
RegisterDragDrop
ReleaseStgMedium
OleLockRunning
CLSIDFromString
CoCreateInstance
CoGetClassObject
CreateOleAdviseHolder
CoInitialize
CoTaskMemAlloc
OleIsCurrentClipboard
OleInitialize
OleGetClipboard
OleFlushClipboard
GetConvertStg
CoUninitialize

user32

ToAscii
MessageBoxA
FillRect
EnableMenuItem
DeleteMenu
EqualRect

shell32

ShellExecuteExW
SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconA
SHBindToParent

shlwapi

PathCanonicalizeA
StrStrIA
StrChrA
PathCompactPathExA
SHAutoComplete
PathUnquoteSpacesA
PathQuoteSpacesA
PathMatchSpecA
PathIsRootA
PathFindExtensionA
PathAppendA

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmGetCompositionStringW

msvcrt

_errno
realloc
strtol
vsprintf
__set_app_type
fflush

oleaut32

SysAllocStringLen
SysFreeString
VariantClear
VariantCopyInd
VariantChangeTypeEx
LoadTypeLib

Exports

Exports

Edkdeh
Epc
Kziifbrkntm
Niufydsgix
Pseppuvl
Ptl
Ugcbgdog
Wgvowxfqlc

Sections

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

510bee5e519b2f876c2db7ec6e4158e2

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

user32

shell32

shlwapi

imm32

msvcrt

oleaut32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 16KB

.rdata Size: 23KB - Virtual size: 24KB

.data Size: 17KB - Virtual size: 20KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 14KB - Virtual size: 16KB

.rdata
Size: 23KB - Virtual size: 24KB

.data
Size: 17KB - Virtual size: 20KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB