adaaf93c22bae083309e07b566313c6382727fe75fb9ff6027904ea7cc73efdd

Sharing

Copy URL Twitter E-mail

General

Target

adaaf93c22bae083309e07b566313c6382727fe75fb9ff6027904ea7cc73efdd
Size

175KB
MD5

dc45fea826282c154f800214ce2de11b
SHA1

11145b1933deeb5dfc4df40fd76cfd1c7d5c1a2c
SHA256

adaaf93c22bae083309e07b566313c6382727fe75fb9ff6027904ea7cc73efdd
SHA512

16d99deab4f393ec0567b4e144c6af04be9fb1b48a4ac727b030ba924480f14cbef92fde8794d8b47b33cd26d1027746ca7de955bc7f80383a444c1feef59841
SSDEEP

3072:8uEFa22SnFsBJdy7gUujvC22SKucKT7/rsBSPndk9wV8j:WFTs5yluD2buVv/BdlW

Score

N/A

Malware Config

Signatures

Files

adaaf93c22bae083309e07b566313c6382727fe75fb9ff6027904ea7cc73efdd
.exe windows x86

6ccf644aef615e97c786515b4fceeb64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegCreateKeyExA
RegEnumValueA
RegCreateKeyA

msvcrt

memcpy
strcmp
tan
malloc

kernel32

GetThreadLocale
lstrcmpA
WriteFile
SetEndOfFile
Sleep
GetCurrentProcess
GetFileAttributesA
LocalAlloc
MoveFileExA
DeleteCriticalSection
LoadResource
CreateThread
MulDiv
GetOEMCP
ReadFile
WideCharToMultiByte
GetSystemDefaultLangID
GetFileType
GetStartupInfoA
ExitProcess
GetEnvironmentStrings
CloseHandle
SetFilePointer
LocalReAlloc
VirtualFree
GetCPInfo
lstrlenA
FreeLibrary
HeapDestroy
GetStringTypeA
CreateFileA
GetCurrentThreadId
RaiseException
lstrcatA
SetErrorMode
VirtualAllocEx
CompareStringA
DeleteFileA
LockResource
GetModuleHandleA
LoadLibraryExA
GetProcessHeap
EnumCalendarInfoA
GetVersion
GetFullPathNameA
VirtualAlloc
FindResourceA
HeapFree
InitializeCriticalSection
GetVersionExA
LoadLibraryA
GetFileSize
SetEvent
lstrcpynA
GetCurrentThread
FreeResource
FormatMessageA
FindFirstFileA
EnterCriticalSection
lstrcmpiA
GlobalDeleteAtom
GetLocalTime
GetCommandLineA
GetCurrentProcessId
GetDateFormatA
GetModuleFileNameA
SetHandleCount
LocalFree
GetStringTypeW
GlobalFindAtomA

user32

GetKeyNameTextA
IsWindowVisible
DrawTextA
GetCursor
IsChild
EnableMenuItem
ClientToScreen
EnableWindow
GetWindowTextA
CreateIcon
GetIconInfo
FindWindowA
GetSubMenu
TrackPopupMenu
DefMDIChildProcA
CallNextHookEx
GetPropA
GetMenu
SetCursor
HideCaret
IsDialogMessageA
ShowScrollBar
GetDlgItem
GetScrollPos
GetDCEx
GetSysColorBrush
GetActiveWindow
FillRect
FrameRect
GetMenuItemCount
EnumThreadWindows
SetWindowLongA
GetKeyState
CheckMenuItem
DrawMenuBar

ole32

StringFromIID
WriteClassStm
CLSIDFromProgID
CreateBindCtx
OleRegGetUserType
StgCreateDocfileOnILockBytes
OleRun

version

VerInstallFileA
VerQueryValueA
VerFindFileA

oleaut32

VariantChangeType
SafeArrayCreate
SysReAllocStringLen
GetErrorInfo

Sections

CODE
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ccf644aef615e97c786515b4fceeb64

Headers

File Characteristics

Imports

advapi32

msvcrt

kernel32

user32

ole32

version

oleaut32

Sections

CODE Size: 50KB - Virtual size: 50KB

.idata Size: 512B - Virtual size: 68KB

.init Size: 119KB - Virtual size: 119KB

INIT Size: 2KB - Virtual size: 1KB

.tls Size: 2KB - Virtual size: 1KB

CODE
Size: 50KB - Virtual size: 50KB

.idata
Size: 512B - Virtual size: 68KB

.init
Size: 119KB - Virtual size: 119KB

INIT
Size: 2KB - Virtual size: 1KB

.tls
Size: 2KB - Virtual size: 1KB