0ca397cd9b4dd05d04216e1511fcfb820e91383d82f34dc003698f4fc3f11744

Sharing

Copy URL

Twitter E-mail

General

Target

0ca397cd9b4dd05d04216e1511fcfb820e91383d82f34dc003698f4fc3f11744
Size

268KB
MD5

03f6ec5cca4b5d0eb52775125e770f07
SHA1

782a8fd49bbc5fe7ff3c28508561a400fc22732e
SHA256

0ca397cd9b4dd05d04216e1511fcfb820e91383d82f34dc003698f4fc3f11744
SHA512

21a6896b3f3f2451a29aa3216d0dbb12c00b7f79f02319beaf10d5226f669cbdc3f7623e17da65d82d5320703fb9c17f713793e250d124492491cd9b19815ef8
SSDEEP

6144:dTx702uMSAvTdWOeJMChx19B0557gRJ15Gy2XHD0FUYlBU2sdj:dG2oAvh4ThU55cn8XWY2sdj

Score

N/A

Malware Config

Signatures

Files

0ca397cd9b4dd05d04216e1511fcfb820e91383d82f34dc003698f4fc3f11744
.exe windows x86

4a999cb998d6a41f254564fe007d05a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcW
GetActiveWindow
SetWindowPos
SetWindowLongW
CheckMenuItem
PostMessageW
OffsetRect
ShowWindowAsync
SetMenuItemInfoA
InflateRect
DestroyIcon
MessageBeep
SendMessageW

kernel32

GetLastError
CompareStringW
CompareStringA
GetTimeZoneInformation
GetLocaleInfoW
HeapSize
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetCurrentThread
GetVersionExA
GetEnvironmentStrings
VirtualAlloc
GetEnvironmentStringsW
GetTickCount
IsDebuggerPresent
GetProcAddress
LoadLibraryA
LocalFree
FindClose
ResetEvent
lstrlenW
LeaveCriticalSection
GetCurrentProcess
GetVersionExW
GetCommandLineA
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SetEnvironmentVariableA
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
SetUnhandledExceptionFilter
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
InitializeCriticalSection
Sleep
HeapReAlloc
RtlUnwind

shlwapi

SHDeleteValueW

setupapi

SetupDecompressOrCopyFileA

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a999cb998d6a41f254564fe007d05a5

Headers

File Characteristics

Imports

user32

kernel32

shlwapi

setupapi

Sections

.text Size: 228KB - Virtual size: 226KB

.data Size: 28KB - Virtual size: 24KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 228KB - Virtual size: 226KB

.data
Size: 28KB - Virtual size: 24KB

.reloc
Size: 8KB - Virtual size: 4KB