2b4b2d739ea466ac9d639649d6530ced7e97abf0e729ffde2d608da049f0e147

Sharing

Copy URL

Twitter E-mail

General

Target

2b4b2d739ea466ac9d639649d6530ced7e97abf0e729ffde2d608da049f0e147
Size

1.2MB
MD5

bf48e152050ebfdaab769cd2a0ce6350
SHA1

149c9d01d25e09d4bbc8491377f9316acd9608e1
SHA256

2b4b2d739ea466ac9d639649d6530ced7e97abf0e729ffde2d608da049f0e147
SHA512

eb2168510217615926fcbc11cde600db009803a04b6227c68f97f3289f971dc8ce473f31725476909ade11149f7cf8cc346db0f458e572d0bef267c410ea7758
SSDEEP

3072:QHhOXfR0ixjOz4gOnEZU0p8ZYUrJyO7f09aFrYil6BPtsUzInuPCilm8C5VQbNjk:eMXKz4gr+ZY8H3rnln8UQhjPpVukdRZ

Score

N/A

Malware Config

Signatures

Files

2b4b2d739ea466ac9d639649d6530ced7e97abf0e729ffde2d608da049f0e147
.exe windows x86

b0bcc2e0b31f0d3e64f59372fcb3af96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
GetModuleHandleA
GetCurrentThreadId
lstrcmpA
GetProcessId
GetLastError
GetCurrentProcess
GetConsoleCP
GetTickCount
VerLanguageNameA
IsProcessorFeaturePresent
GlobalAlloc

user32

GetCaretBlinkTime
GetWindowThreadProcessId
GetCapture
GetWindowDC
SetFocus
GetActiveWindow
GetAsyncKeyState
SetCursor
SetWindowsHookExA
UnpackDDElParam

comctl32

InitCommonControls
DPA_GetPtr

imagehlp

StackWalk64
SymGetSymNext
SymGetLineNext64
MapAndLoad

gdiplus

GdipSaveImageToFile
GdipDrawPieI
GdipCreateRegion

oledlg

OleUIBusyA
OleUIAddVerbMenuW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA
VerFindFileW

gdi32

GdiStartPageEMF
ExtTextOutA
BRUSHOBJ_pvAllocRbrush
GetKerningPairsA
GetTextCharacterExtra
UnloadNetworkFonts

msimg32

vSetDdrawflag
TransparentBlt
AlphaBlend

shlwapi

PathRemoveBackslashW
UrlCanonicalizeA
PathFindNextComponentA
PathAddBackslashA
PathSetDlgItemPathA

advapi32

SystemFunction003

ole32

StgConvertVariantToProperty
CoGetContextToken

winspool.drv

AddPrinterA
DeletePortW
GetPrinterDataW
AddMonitorW

comdlg32

ChooseFontA
PrintDlgW
ReplaceTextA

oleacc

AccessibleObjectFromPoint
ObjectFromLresult
GetStateTextW
GetRoleTextA
CreateStdAccessibleProxyA

shell32

IsUserAnAdmin
SHAlloc
SHPathPrepareForWriteW

oleaut32

VarI8FromBool
VarR8FromI8
VarDateFromUdateEx

winmm

auxOutMessage
waveInAddBuffer

Sections

.code
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b0bcc2e0b31f0d3e64f59372fcb3af96

Headers

File Characteristics

Imports

kernel32

user32

comctl32

imagehlp

gdiplus

oledlg

version

gdi32

msimg32

shlwapi

advapi32

ole32

winspool.drv

comdlg32

oleacc

shell32

oleaut32

winmm

Sections

.code Size: 1.1MB - Virtual size: 1.1MB

.data Size: 122KB - Virtual size: 122KB

.code
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 122KB - Virtual size: 122KB