0afcbb7118071254730e12272ba23702ae38dee8bf67d6fe67bc66ade8f208fd

Sharing

Copy URL

Twitter E-mail

General

Target

0afcbb7118071254730e12272ba23702ae38dee8bf67d6fe67bc66ade8f208fd
Size

1.3MB
MD5

2d47dafdcf067ec35d8fe61c36f1ec2d
SHA1

0a594cd3127bafb7971585b399e68bdf1cea76a5
SHA256

0afcbb7118071254730e12272ba23702ae38dee8bf67d6fe67bc66ade8f208fd
SHA512

b5b37140aea098270df7bf327e09aced3c36d22638c9be5a73d335e25e4bb40674d72de328d500de45ae14a0ff8793f0f0140a190fb0b83a73fcba15276cf089
SSDEEP

24576:gcUBiGFq3z6Ew3q+0DqJC02MD13RYslIWYpKv25DhZ+iUkEBUDWkRnl1oBKuphPE:gcUBRq3zXMkDF0T3RYHye4BUDH1QVphY

Score

N/A

Malware Config

Signatures

Files

0afcbb7118071254730e12272ba23702ae38dee8bf67d6fe67bc66ade8f208fd
.exe windows x86

bcb7d92765c7906f81e14ab417862051

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
GetFileSize
GetVolumeInformationW
ReadFile
WriteFile
OutputDebugStringA
OutputDebugStringW
CloseHandle
WaitForSingleObject
CreateMutexW
GetCurrentProcess
GetCurrentProcessId
CreateThread
TerminateThread
GetSystemDirectoryW
VirtualQuery
FindResourceExW
GetModuleFileNameW
GetModuleHandleW
LoadResource
LockResource
SizeofResource
FindResourceW
CopyFileW
Sleep
GetExitCodeThread
WideCharToMultiByte
SetEndOfFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
GetTickCount
ContinueDebugEvent
WaitForDebugEvent
TerminateProcess
CreateProcessW
ReadProcessMemory
FlushFileBuffers
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
CreateFileW
FreeLibrary
SystemTimeToFileTime
LockFileEx
LocalFree
UnlockFile
HeapCompact
LoadLibraryW
GetSystemInfo
DeleteFileA
WaitForSingleObjectEx
CreateFileA
FlushViewOfFile
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapValidate
UnmapViewOfFile
GetFileAttributesW
GetTempPathW
UnlockFileEx
GetFullPathNameA
LockFile
GetDiskFreeSpaceW
GetFullPathNameW
HeapCreate
AreFileApisANSI
InitializeCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
CreateDirectoryW
MultiByteToWideChar
GetPrivateProfileStringW
LoadLibraryA
GetProcAddress
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
GetLastError
RaiseException
GetSystemTimeAsFileTime
GetModuleHandleA
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetStringTypeW
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
QueryPerformanceFrequency
GetCurrentThread
GetThreadTimes
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
SetEvent
ResetEvent
InitializeSListHead
GetStartupInfoW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
ExitProcess
GetModuleHandleExW
ExitThread
FreeLibraryAndExitThread
GetStdHandle
GetFileType
GetFileSizeEx
SetFilePointerEx
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
ReadConsoleW
GetTimeZoneInformation

user32

GetDesktopWindow
wsprintfW
wsprintfA

shell32

SHGetSpecialFolderPathW

ws2_32

WSAStartup

shlwapi

PathFileExistsW

esent

JetRetrieveColumn
JetDBUtilitiesW
JetMove
JetCloseTable
JetOpenTableA
JetCloseDatabase
JetOpenDatabaseA
JetGetColumnInfoA
JetDetachDatabaseA
JetAttachDatabaseA
JetEndSession
JetBeginSessionA
JetSetSystemParameterA
JetTerm
JetCreateInstanceA
JetInit

winhttp

WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpQueryAuthSchemes
WinHttpSetCredentials
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpSetOption
WinHttpWriteData
WinHttpReadData
WinHttpConnect
WinHttpSetStatusCallback
WinHttpCloseHandle
WinHttpOpen
WinHttpCrackUrl

wininet

InternetOpenW
InternetQueryOptionW
InternetReadFile
InternetCloseHandle
InternetOpenUrlW

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcb7d92765c7906f81e14ab417862051

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ws2_32

shlwapi

esent

winhttp

wininet

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 162KB - Virtual size: 162KB

.data Size: 45KB - Virtual size: 56KB

.reloc Size: 41KB - Virtual size: 40KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 162KB - Virtual size: 162KB

.data
Size: 45KB - Virtual size: 56KB

.reloc
Size: 41KB - Virtual size: 40KB