3b5b80d73503578c81f8614713dd40843f7d49a03e95aaa0044280a841e8d776

Sharing

Copy URL Twitter E-mail

General

Target

3b5b80d73503578c81f8614713dd40843f7d49a03e95aaa0044280a841e8d776
Size

144KB
MD5

13bb9a96cda7de78885f706c6e2dc910
SHA1

a1ab7aaea536afda33d75c376dcacf6bf8a72fa2
SHA256

3b5b80d73503578c81f8614713dd40843f7d49a03e95aaa0044280a841e8d776
SHA512

ea68dfe53df454ce88e87325df3047f80e6373b2104c545aa467f498ce53f91cd72194e110e5e2738cc3a021d7915574a181a6dac2a88b552601a8b51ed12999
SSDEEP

3072:6to6UC4FceW0WrYHyQ38CijiWni14X3Lt:L6lyWOfWi3s

Score

N/A

Malware Config

Signatures

Files

3b5b80d73503578c81f8614713dd40843f7d49a03e95aaa0044280a841e8d776
.exe windows x86

db3213ce216977d8946fa7ded47e5ba9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

calloc
mbstowcs
asin
fabs
sprintf
strcmp

user32

SendMessageA

advapi32

RegCreateKeyA

kernel32

IsBadHugeReadPtr
VirtualFree
GetCommandLineW
lstrlenW
ExitProcess
GetModuleHandleW
lstrlenA
LoadLibraryExA
WideCharToMultiByte
GetCommandLineA
lstrcpyA
VirtualAlloc
WaitForSingleObject
GetProcAddress
LocalAlloc
GetModuleHandleA
VirtualQuery
WriteFile
IsBadReadPtr

version

VerQueryValueA

oleaut32

GetErrorInfo
SafeArrayGetUBound
SysStringLen
SafeArrayUnaccessData
SysReAllocStringLen

shell32

Shell_NotifyIconA
SHGetFolderPathA
DragQueryFileA
SHGetFileInfoA
SHGetFolderPathA
SHGetFileInfoA

shlwapi

SHSetValueA
PathIsContentTypeA
SHQueryInfoKeyA
SHEnumValueA

comctl32

ImageList_Write
ImageList_DrawEx
ImageList_Read
ImageList_Remove
ImageList_Destroy

comdlg32

GetOpenFileNameA
ChooseColorA

ole32

OleRegGetUserType
CoGetContextToken
GetHGlobalFromStream
PropVariantClear
CoDisconnectObject
OleCreateStaticFromData
CreateStreamOnHGlobal
CoRegisterClassObject
MkParseDisplayName

gdi32

GetPaletteEntries
SaveDC
GetRgnBox
SelectObject
CreateDIBSection
CreatePenIndirect

Sections

CODE
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db3213ce216977d8946fa7ded47e5ba9

Headers

File Characteristics

Imports

msvcrt

user32

advapi32

kernel32

version

oleaut32

shell32

shlwapi

comctl32

comdlg32

ole32

gdi32

Sections

CODE Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 1KB

.adata Size: 4KB - Virtual size: 1KB

DATA Size: 72KB - Virtual size: 70KB

.cdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 832B

CODE
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 1KB

.adata
Size: 4KB - Virtual size: 1KB

DATA
Size: 72KB - Virtual size: 70KB

.cdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 832B