bda8530f916e9d72b83cbbe5a209aeb7d5e8ad7c00f129ad4a679502c7564dc0

Sharing

Copy URL Twitter E-mail

General

Target

bda8530f916e9d72b83cbbe5a209aeb7d5e8ad7c00f129ad4a679502c7564dc0
Size

697KB
MD5

8adb155a2510e6d4f674e99a4d76c155
SHA1

32e4130dabf4acf098b34b336906d8a6bf2e707a
SHA256

bda8530f916e9d72b83cbbe5a209aeb7d5e8ad7c00f129ad4a679502c7564dc0
SHA512

f19298d23e296058b61ef7ff9c390ec2ecbf2d3260c699da06db31a987fa57e8e4bf775eced00afbd3e81eb6510281f8506912db11e8f37f378b13238b8ad1d9
SSDEEP

3072:n/w2TaCZWIiYI1yNfSI70588FQ5c6qMzo/LxP:/w2eIkerCEid/LxP

Score

N/A

Malware Config

Signatures

Files

bda8530f916e9d72b83cbbe5a209aeb7d5e8ad7c00f129ad4a679502c7564dc0
.exe windows x86

e8b2abd1935e203a4124de8a41da7eea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileExW
GlobalHandle
GetVersionExA
GetCurrentProcess
GetVersion
OpenFileMappingW
GetDiskFreeSpaceA
GetModuleHandleA
GetComputerNameW
GetFileAttributesExW
GlobalLock
ReadProcessMemory
GetEnvironmentStrings
GetCurrentThread
Process32Next
Process32First
GetModuleFileNameA
CreateToolhelp32Snapshot
ExitProcess
CloseHandle
LoadLibraryA
CreateFiber
FindNextFileA
GetProcAddress
WriteProcessMemory
OpenProcess
GetDiskFreeSpaceExA
GetProcessAffinityMask
LoadModule

user32

EmptyClipboard
ShowWindow
AppendMenuA
DefWindowProcA
EnumDisplayMonitors
DispatchMessageA
DrawFrameControl
DdeConnect
TranslateMessage
UpdateWindow
CheckMenuRadioItem
GetAsyncKeyState
CloseWindow
GetMenuState
GetMessageA
CreateWindowExA
RegisterClassExA
DestroyAcceleratorTable

advapi32

GetTraceLoggerHandle
RegOpenKeyExA
InitializeSid
GetKernelObjectSecurity
SetKernelObjectSecurity
GetSecurityDescriptorControl
OpenProcessToken
SetTokenInformation
AllocateAndInitializeSid
RegSaveKeyA
CryptHashSessionKey
ReportEventW
DeleteService

shell32

OpenAs_RunDLL
SHInvokePrinterCommandA
StrChrIW
DllGetClassObject
SHFileOperation
SHGetSpecialFolderPathA
StrNCmpA
StrRStrIA
RealShellExecuteW
SHBindToParent
ShellExec_RunDLLA
SHGetSpecialFolderPathW
DoEnvironmentSubstA
SHAppBarMessage
Control_RunDLL
SHAddToRecentDocs
Control_RunDLLW

gdi32

GetCurrentObject
GetPath
AngleArc
CreateICW
GetTextMetricsA
SetArcDirection
GetCharABCWidthsW
CreateFontW
CombineRgn
SetColorAdjustment

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 480KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e8b2abd1935e203a4124de8a41da7eea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

gdi32

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 480KB - Virtual size: 480KB

.idata Size: 88KB - Virtual size: 88KB

.rdata Size: 4KB - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 4KB

.adata Size: - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 480KB - Virtual size: 480KB

.idata
Size: 88KB - Virtual size: 88KB

.rdata
Size: 4KB - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 4KB

.adata
Size: - Virtual size: 4KB