2d3e33cbc650f4e7b41a896f937a496a339508e8cc31d4912f23d307a467bfe3

Sharing

Copy URL Twitter E-mail

General

Target

2d3e33cbc650f4e7b41a896f937a496a339508e8cc31d4912f23d307a467bfe3
Size

84KB
MD5

ee26f1693bea8e216f7519d59a6da389
SHA1

e8ffa1c749008631422e6c2169a0657a748fae71
SHA256

2d3e33cbc650f4e7b41a896f937a496a339508e8cc31d4912f23d307a467bfe3
SHA512

aae24b37b5bb7776063bdcb3dfcac2f6281c9813c19542b9d78a4fbae9b7d4913ed9a3270d5deccb22e40aeb36a621ab8913404214acb9b7c720062bc45fb6a7
SSDEEP

768:G13t1Bc+LRzpYXev37bFCaTXQRdamZAJdcLH3+8F2iB9y1DP6jxEmtG7W:wcGYXMhCaTm9ZAozFWziFtl

Score

1^/10

Malware Config

Signatures

Files

2d3e33cbc650f4e7b41a896f937a496a339508e8cc31d4912f23d307a467bfe3
.exe windows x86

78be2fb41b5572c70a289acfbf1e0151

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetCommandLineA
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
MulDiv
lstrcatA
lstrcpyA
GetStartupInfoA
GetVersion
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
ExitProcess
SetLastError
TlsGetValue
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetModuleHandleA
GetProcessHeap
LoadLibraryA
GetProcAddress

user32

ScreenToClient
SetWindowLongA
UnregisterHotKey
ReleaseCapture
RegisterHotKey
LoadBitmapA
SetCapture
SendMessageA
GetDC
GetCursorPos
CreateWindowExA
CallWindowProcA
MessageBoxA
wsprintfA
DispatchMessageA
PeekMessageA
GetMessageA
TranslateMessage
GetSysColor

gdi32

GetDeviceCaps
DeleteObject
CreateFontA
TranslateCharsetInfo

shell32

DragQueryFileA
DragFinish
DragAcceptFiles

comctl32

ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ord17
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_EndDrag
ImageList_DragShowNolock

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78be2fb41b5572c70a289acfbf1e0151

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 87KB

.rsrc Size: 4KB - Virtual size: 664B

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 87KB

.rsrc
Size: 4KB - Virtual size: 664B