bd242b9e12bfcde2bb53d4c723f6ea6da98c71d8eff7fd7a14269bd22a5343c3

Sharing

Copy URL Twitter E-mail

General

Target

bd242b9e12bfcde2bb53d4c723f6ea6da98c71d8eff7fd7a14269bd22a5343c3
Size

571KB
MD5

949fc193c765bbe74b9b3c14b07a24c3
SHA1

a3f36ea58c4f6d58d6c1d625ab75568b61f5682d
SHA256

bd242b9e12bfcde2bb53d4c723f6ea6da98c71d8eff7fd7a14269bd22a5343c3
SHA512

8fd38f992195cc12c04a58bcc7044ced5b979e1fb71c1260835bdfef8cbc2b98d741ff876929bebc59484fdff4f71eb110b9705a9219cb9f0dac8748b82115b4
SSDEEP

12288:gSEEu3UKkPM1uP4lZG/MUuNiqnp+1I4tHszQPnR2UlrhXJTCIC:o9GP4/GMUuNiepEKQfflrhZTfC

Score

N/A

Malware Config

Signatures

Files

bd242b9e12bfcde2bb53d4c723f6ea6da98c71d8eff7fd7a14269bd22a5343c3
.exe windows x86

f0dcd32f3a473f910ecc994132d00459

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetLastError
SetEnvironmentVariableA
HeapSize
SetStdHandle
IsValidLocale
FlushFileBuffers
GetCurrentProcess
LeaveCriticalSection
TerminateProcess
SetLastError
GetCommandLineA
HeapCreate
HeapAlloc
HeapDestroy
VirtualAlloc
FreeEnvironmentStringsA
TlsSetValue
GetEnvironmentStrings
LCMapStringW
UnhandledExceptionFilter
RtlUnwind
WideCharToMultiByte
GetTimeZoneInformation
GetStartupInfoA
GetCurrentThreadId
GetCommandLineW
lstrcat
SetFilePointer
TlsFree
EnterCriticalSection
CompareStringA
IsValidCodePage
WaitForSingleObject
CompareStringW
ReadFile
GetCurrentThread
GetACP
ExitProcess
CommConfigDialogW
GetStringTypeA
IsBadWritePtr
GetLocaleInfoW
OpenMutexA
LCMapStringA
InitializeCriticalSection
HeapReAlloc
GetStringTypeW
GetModuleFileNameW
WriteFile
GetDateFormatA
CreateMutexA
GetFileType
GetCPInfo
GetTimeFormatA
VirtualProtect
GetSystemTimeAsFileTime
SetHandleCount
GetVersionExA
QueryPerformanceCounter
SetConsoleScreenBufferSize
GetSystemInfo
HeapFree
VirtualQuery
TlsAlloc
VirtualFree
EnumSystemLocalesA
LoadLibraryA
GetStartupInfoW
GetModuleFileNameA
GetNumberFormatA
GetComputerNameW
GetLocaleInfoA
GetModuleHandleA
GetEnvironmentStringsW
GetUserDefaultLCID
GetOEMCP
GetStdHandle
InterlockedExchange
GetTickCount
CloseHandle
TlsGetValue
GetProcAddress
MultiByteToWideChar
SetThreadAffinityMask
DeleteCriticalSection
GetCurrentProcessId
WriteConsoleW

advapi32

LookupSecurityDescriptorPartsW
CryptDeriveKey
CryptGenKey
CryptSetProviderExW
RegLoadKeyA
CryptDestroyKey
RegEnumKeyExW
RegSetValueW
AbortSystemShutdownW
RegQueryValueExW
DuplicateTokenEx
CryptGetDefaultProviderA
ReportEventA
RegDeleteKeyA
CryptGetUserKey
LookupPrivilegeDisplayNameA
CryptDuplicateHash
InitializeSecurityDescriptor
InitiateSystemShutdownW

user32

PostThreadMessageW
SetPropA
RegisterClassExA
TranslateMDISysAccel
ReleaseDC
ToUnicode
SetWinEventHook
RegisterClassA
DispatchMessageA

comdlg32

GetOpenFileNameW

wininet

UpdateUrlCacheContentPath
GetUrlCacheConfigInfoA
DeleteIE3Cache
CreateUrlCacheEntryW
CommitUrlCacheEntryA
FindCloseUrlCache

comctl32

InitCommonControlsEx

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0dcd32f3a473f910ecc994132d00459

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comdlg32

wininet

comctl32

Sections

.text Size: 196KB - Virtual size: 196KB

.rdata Size: 8KB - Virtual size: 14KB

.data Size: 359KB - Virtual size: 358KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 196KB - Virtual size: 196KB

.rdata
Size: 8KB - Virtual size: 14KB

.data
Size: 359KB - Virtual size: 358KB

.rsrc
Size: 6KB - Virtual size: 5KB