0b11f581e4d4a3fa3cc31b94839c221ea8b386a341c880e0d49f739dc12182b8

Sharing

Copy URL

Twitter E-mail

General

Target

0b11f581e4d4a3fa3cc31b94839c221ea8b386a341c880e0d49f739dc12182b8
Size

176KB
MD5

53e9f2b5a7b01961f9f346581a5d7522
SHA1

300a775e5c1df294428511a87115ae07c97b94d6
SHA256

0b11f581e4d4a3fa3cc31b94839c221ea8b386a341c880e0d49f739dc12182b8
SHA512

2657dd26469ea44e5ed8a43760811ae67e1e58221cec720b7db0315fb6b60414181ee756c6a1418aad0326cacd9337cd49ac34c360e57c5bb6443886b7953072
SSDEEP

3072:1dmAobksPhYNxY0CdhKj3DQt9PE6paeFv0WFtg3F/m5kap3C0uk5mZQzXwlowtX:J+ksPCKdMj3DEL4ev0WFtgVe5Xp3uk58

Score

N/A

Malware Config

Signatures

Files

0b11f581e4d4a3fa3cc31b94839c221ea8b386a341c880e0d49f739dc12182b8
.exe windows x86

b4f0827e494dffa313107eb7be4f2164

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

secur32

QuerySecurityContextToken

winmm

mciGetCreatorTask
midiOutGetDevCapsA

opengl32

glTexCoord2f
glGetError

rpcrt4

RpcUserFree

mprapi

MprConfigBufferFree

gdi32

RectVisible
InvertRgn
PaintRgn
GetCharABCWidthsW
GetClipRgn
EqualRgn
CreateFontW
EnumFontsA
GetCharacterPlacementW
GetBkColor
ExtCreateRegion

kernel32

FreeConsole
CompareStringW
PostQueuedCompletionStatus
PeekNamedPipe
SetCriticalSectionSpinCount
FillConsoleOutputAttribute
GetCurrencyFormatW
ResetEvent
GetUserDefaultUILanguage
GetNamedPipeServerProcessId
SetTimerQueueTimer
SetCurrentDirectoryW
InterlockedCompareExchange

comdlg32

GetOpenFileNameW

powrprof

WriteGlobalPwrPolicy

pdh

PdhEnumObjectItemsW

setupapi

SetupInstallServicesFromInfSectionExW
SetupFindNextMatchLineW
CM_Get_Device_ID_ExW

user32

DlgDirSelectComboBoxExA
ExcludeUpdateRgn
SetDlgItemTextW
GetOpenClipboardWindow
EnumDisplaySettingsExW
CopyAcceleratorTableW
GetLastInputInfo
GetCursor
GetWindow
ChildWindowFromPoint

ole32

CoUnmarshalHresult
OleBuildVersion
GetConvertStg

lz32

LZOpenFileW

winscard

SCardGetProviderIdA

comctl32

CreateToolbarEx

esent

JetSetColumns

crypt32

CryptStringToBinaryA
CryptMsgGetAndVerifySigner

advapi32

SetFileSecurityW
RegSaveKeyExW
GetSecurityDescriptorControl

oleaut32

SysAllocStringLen
VARIANT_UserFree

shlwapi

PathIsSystemFolderW

imm32

ImmGetCompositionStringW

winspool.drv

DeletePrinter
EnumFormsW

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4f0827e494dffa313107eb7be4f2164

Headers

File Characteristics

Imports

secur32

winmm

opengl32

rpcrt4

mprapi

gdi32

kernel32

comdlg32

powrprof

pdh

setupapi

user32

ole32

lz32

winscard

comctl32

esent

crypt32

advapi32

oleaut32

shlwapi

imm32

winspool.drv

Sections

.text Size: 156KB - Virtual size: 152KB

.data Size: 4KB - Virtual size: 35KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 436B

.text
Size: 156KB - Virtual size: 152KB

.data
Size: 4KB - Virtual size: 35KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 436B