cabed45a3e2fc0ee49b57c645b48bfa29537def422d5bd826a0889544488b593

Sharing

Copy URL Twitter E-mail

General

Target

cabed45a3e2fc0ee49b57c645b48bfa29537def422d5bd826a0889544488b593
Size

38KB
MD5

bfb9b0b7648cc2c6aa14c432b3a4ed2d
SHA1

40d823f10966a30c9c44640bcc7ff3c87c259ce1
SHA256

cabed45a3e2fc0ee49b57c645b48bfa29537def422d5bd826a0889544488b593
SHA512

d9495e5992929cdb3a2a757b5cde0daf59e99d72e4bf1535be3454f03d8b6e1ef4f23d86192f8681d31c518f1baac227624ce020c652e8f9ebd26b6a167f883a
SSDEEP

768:jh8VgtbO8A3MY8XQT/GdCLDQ7DEOlXD8RoYJPgVRTCkEv3nDo:t8AbfA3cQqdCLD2DdtAjgVR5EPnDo

Score

N/A

Malware Config

Signatures

Files

cabed45a3e2fc0ee49b57c645b48bfa29537def422d5bd826a0889544488b593
.exe windows x86

f3f5e95b2a0af9a7f694639da633f0ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwCreateEvent
NtSuspendThread
ZwEnumerateValueKey
NtSetLowWaitHighEventPair
NtOpenProcessTokenEx
ZwAllocateVirtualMemory
RtlCaptureStackBackTrace
NtQueryIoCompletion
ZwFlushWriteBuffer
RtlUnhandledExceptionFilter2

kernel32

CreateSemaphoreW
lstrlenA
lstrlen
CreateDirectoryA
CreateNamedPipeW
LoadLibraryA
lstrcmpiW
LocalFree
Sleep
GetCurrentThreadId
lstrcpyn
GetTempPathW
lstrcpyW
FileTimeToSystemTime
FindAtomA
GetCommandLineA
FlushFileBuffers
InitializeCriticalSection
GetLongPathNameA

user32

CreateDialogParamA
LoadMenuIndirectA
GetWindowLongA
GetKeyboardType
GetWindowTextLengthA
GetMenuItemRect
RegisterClassExA
CreateDialogIndirectParamW
MonitorFromRect
FindWindowA
SetWindowLongW
SetWindowRgn
CharUpperA
DestroyMenu
SetWindowLongA
ShowCursor

gdi32

SelectObject
StretchDIBits
DeleteObject

advapi32

RegQueryInfoKeyA
RegRestoreKeyA

comdlg32

ChooseFontA

shell32

StrNCmpIA

ole32

OleCreateEx
OleLoad
CoCreateGuid

version

GetFileVersionInfoSizeW
GetFileVersionInfoW

ws2_32

WSAEnumProtocolsW
getnameinfo
closesocket
getpeername

comctl32

PropertySheetW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3f5e95b2a0af9a7f694639da633f0ee

Headers

File Characteristics

Imports

ntdll

kernel32

user32

gdi32

advapi32

comdlg32

shell32

ole32

version

ws2_32

comctl32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 5KB - Virtual size: 5KB