4003130247f2cab8b87f3d8de23293ddbc9568dbac75ad594abc7e01a04390d3

Sharing

Copy URL

Twitter E-mail

General

Target

4003130247f2cab8b87f3d8de23293ddbc9568dbac75ad594abc7e01a04390d3
Size

87KB
MD5

c96613c857018555f3a5bc227567e6e7
SHA1

a402f5e46c8e056c9e9494f7e83902e0fcae3a61
SHA256

4003130247f2cab8b87f3d8de23293ddbc9568dbac75ad594abc7e01a04390d3
SHA512

086fa536e03882efe6eb79a6f56d954205e00c37885f5d23f8eae47702125d7fed2a8c76d6d2e01d6eeb175f273185844a6494847bef2f0f805560867f075c41
SSDEEP

1536:wbXYo4+VLTx6Xl9fArptErSVgt1ky4xp5YVaV1IgxPSfaaaaaM0Mjcv:wbX71VLF6HGL4SVg54Hgc15xPSrjC

Score

N/A

Malware Config

Signatures

Files

4003130247f2cab8b87f3d8de23293ddbc9568dbac75ad594abc7e01a04390d3
.exe windows x86

bb1c98fc2303b60a4dc052fd8cf859ac

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
GetDriveTypeA
GetDiskFreeSpaceExA
ExitProcess
GetComputerNameA
ExitThread
Process32First
GetTickCount
WideCharToMultiByte
GetModuleFileNameW
MultiByteToWideChar
CreateThread
Process32Next
GlobalMemoryStatusEx
CreateMutexA
CreateToolhelp32Snapshot
SetFileAttributesW
CloseHandle
FindNextFileW
lstrcmpiW
LoadLibraryA
FindClose
MoveFileW
GetProcAddress
GetFileSizeEx
CreateFileW
ReadFile
GetFileAttributesW
Sleep
WriteFile
WaitForSingleObject
SetFilePointerEx
SetFilePointer
GetStringTypeW
LCMapStringW
GetLastError
FindFirstFileW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
LoadLibraryW
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapSize
GetModuleHandleW
HeapFree
HeapAlloc
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection

advapi32

RegQueryValueExA
CryptHashData
CryptDecrypt
CryptCreateHash
CryptDeriveKey
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
GetCurrentHwProfileA
RegSetValueExA
CryptGenKey
CryptEncrypt
CryptImportKey
CryptAcquireContextA
CryptExportKey
GetUserNameA

shell32

SHEmptyRecycleBinA
SHGetFolderPathW
ShellExecuteW
ShellExecuteA

crypt32

CryptStringToBinaryA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA

shlwapi

PathFindExtensionW

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb1c98fc2303b60a4dc052fd8cf859ac

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

crypt32

wininet

shlwapi

version

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 3KB - Virtual size: 7KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 3KB - Virtual size: 7KB

.reloc
Size: 6KB - Virtual size: 6KB