78f5a636252b2b5aed2230dceece59192fab486fe2489ed42b20fdd95f4b1a5a

Sharing

Copy URL Twitter E-mail

General

Target

78f5a636252b2b5aed2230dceece59192fab486fe2489ed42b20fdd95f4b1a5a
Size

732KB
MD5

9ff95b71a785d02936492bd67b0c86a7
SHA1

0cc9d13a99e392e6d1de6ad0399bea0ebbff1c99
SHA256

78f5a636252b2b5aed2230dceece59192fab486fe2489ed42b20fdd95f4b1a5a
SHA512

4ca55ff647c523dff2abb3e3246fe821b5016227fb2285ae0724fed80b6eabd79dc94f754b4a786a740e46dd79ebf23269172603e627c0ae3f03a607bf0250d1
SSDEEP

12288:XCTHKY4Mgc0RCryQGK6SkEAXm9oOCEXeZmPHqDnHDm6eDuUlweDuUl:XCTKJD4ryQsAzWjh9

Score

N/A

Malware Config

Signatures

Files

78f5a636252b2b5aed2230dceece59192fab486fe2489ed42b20fdd95f4b1a5a
.exe windows x86

6c7cc3ff79be40a345fc830d788560c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryA
GetLastError
GetModuleFileNameA
GetFileAttributesA
GetFullPathNameA
GetModuleHandleA
WriteProfileStringA
GetProfileStringA
SetCurrentDirectoryA
GetCurrentDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
GetTickCount
GetCurrentThreadId
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
FreeLibrary
GetCurrentProcess
SetLastError
LockResource
LoadResource
FindResourceExA
FindResourceA
SetThreadPriority
GetThreadPriority
GetCurrentThread
QueryDosDeviceA
GetDriveTypeA
ResumeThread
SuspendThread
GlobalGetAtomNameA
CloseHandle
DeviceIoControl
CreateFileA
CreateMutexA
GetCommandLineA
CopyFileA
SetFileAttributesA
LoadLibraryExA
Sleep
LocalFree
FormatMessageA
DeleteFileA
ExitProcess
WaitForSingleObject
GetTempPathA
GetFileSize
SetEvent
CreateEventA
lstrcmpiA
GetVersionExA
GetSystemInfo
GetSystemDirectoryA
GlobalMemoryStatus
GetDiskFreeSpaceA
GetExitCodeProcess
CreateProcessA
GetStartupInfoA
TerminateProcess
OpenProcess
HeapAlloc
GetProcessHeap
HeapFree
GlobalFree
GlobalAlloc
MultiByteToWideChar
CreateDirectoryA
lstrcmpA
FlushFileBuffers
lstrcatA
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringA
WriteFile
GetSystemDefaultLangID
SetThreadAffinityMask
CreateThread
GetProcessAffinityMask
MoveFileA
CompareFileTime
GetFileTime
OpenFile
GetPrivateProfileStringA
WritePrivateProfileStringA
GetUserDefaultLangID
GetEnvironmentVariableA
GetShortPathNameA
GetLocaleInfoA
WideCharToMultiByte
OpenMutexA
ReleaseMutex
OpenEventA
ResetEvent
PulseEvent
GlobalUnlock
GlobalLock
lstrcpyA
GlobalFindAtomA
GetVersion
InterlockedDecrement
InterlockedIncrement
lstrlenA
lstrcpynA
LocalAlloc
MulDiv
DuplicateHandle
ReadFile
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetThreadLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
ExitThread
SetStdHandle
GetFileType
GetACP
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange

oledlg

ord8

ole32

CoCreateInstance
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 60KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c7cc3ff79be40a345fc830d788560c7

Headers

File Characteristics

Imports

kernel32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 420KB - Virtual size: 419KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 60KB - Virtual size: 142KB

.rsrc Size: 168KB - Virtual size: 167KB

.text
Size: 420KB - Virtual size: 419KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 60KB - Virtual size: 142KB

.rsrc
Size: 168KB - Virtual size: 167KB