b1a32a07c0849eb95aa2d4239a6ad1b27d38f964dada6d97901d7abaa7d27948

Sharing

Copy URL

Twitter E-mail

General

Target

b1a32a07c0849eb95aa2d4239a6ad1b27d38f964dada6d97901d7abaa7d27948
Size

275KB
MD5

3a904bc6de773093d6d077a1fb3ee9ef
SHA1

625034e46ff2018c984aaa4cc93882d6c53389e7
SHA256

b1a32a07c0849eb95aa2d4239a6ad1b27d38f964dada6d97901d7abaa7d27948
SHA512

226dafe16c2901082be39925c84455936180d5156eb72808c18f07058f49c4bb14dfe8e29d27f0a9dea4001fd2b312d1fa85133125277f875827780df00e3d05
SSDEEP

6144:pUuSIRlClKyqyTKxNI4KwBvOM5O29CoG9/RxwyCVXEVuIysF:1ClayTwOM5wog/wV0Hy8

Score

N/A

Malware Config

Signatures

Files

b1a32a07c0849eb95aa2d4239a6ad1b27d38f964dada6d97901d7abaa7d27948
.exe windows x86

19bee2fcc42a85cffe28bbb9525bed15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeValueA
RegCreateKeyExW
RegReplaceKeyA
CryptAcquireContextW
LogonUserW
RegOpenKeyExA
RegQueryValueExW
LookupAccountNameA

user32

EditWndProc
FindWindowExW
UnregisterClassW
LoadCursorFromFileA
EnableMenuItem
RedrawWindow
EnumWindowStationsW

comdlg32

PrintDlgW
GetOpenFileNameA
FindTextA

gdi32

DeleteColorSpace
ExtFloodFill
SetBitmapBits
GetTextMetricsW
CreateColorSpaceW
OffsetWindowOrgEx
FrameRgn
DrawEscape
ResizePalette
RemoveFontResourceW
PathToRegion
CombineRgn
SetSystemPaletteUse
EndDoc
GetDeviceCaps
LineTo
GetNearestColor
IntersectClipRect
CheckColorsInGamut
CreateDIBSection
GetViewportOrgEx
GetColorAdjustment
ExtTextOutW

kernel32

GetLastError
GetVersionExA
LoadLibraryA
GetStartupInfoW
GetStringTypeA
GetTimeZoneInformation
GetFileType
GetTimeFormatA
EnumSystemLocalesA
IsValidLocale
GetEnvironmentStrings
InterlockedExchange
GetLocaleInfoW
FreeEnvironmentStringsW
VirtualAlloc
VirtualFree
HeapReAlloc
GetSystemInfo
GetStdHandle
GetLocaleInfoA
WideCharToMultiByte
GetModuleFileNameA
GetCurrentProcess
LCMapStringW
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetStartupInfoA
UnhandledExceptionFilter
TlsFree
GetOEMCP
IsBadWritePtr
GetModuleFileNameW
WriteFile
GetProcAddress
EnterCriticalSection
VirtualProtect
VirtualQuery
ExitProcess
GetEnvironmentStringsW
LeaveCriticalSection
GetCurrentThreadId
SetEnvironmentVariableA
GetDateFormatA
SetFilePointer
HeapSize
GetCurrentProcessId
GetCPInfo
TlsGetValue
TlsAlloc
GetCommandLineW
SetHandleCount
CompareStringA
RtlUnwind
HeapAlloc
GetTickCount
HeapFree
FreeEnvironmentStringsA
GetCurrentThread
LCMapStringA
TlsSetValue
InitializeCriticalSection
MultiByteToWideChar
DeleteCriticalSection
GetCommandLineA
CompareStringW
SetLastError
QueryPerformanceCounter
IsValidCodePage
HeapCreate
HeapDestroy
GetACP
GetStringTypeW
TerminateProcess
GetModuleHandleA

shell32

DoEnvironmentSubstA
ExtractIconExW
SHBrowseForFolder
ExtractAssociatedIconExA

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19bee2fcc42a85cffe28bbb9525bed15

Headers

File Characteristics

Imports

advapi32

user32

comdlg32

gdi32

kernel32

shell32

Sections

.text Size: 121KB - Virtual size: 120KB

.rdata Size: 8KB - Virtual size: 29KB

.data Size: 137KB - Virtual size: 136KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 8KB - Virtual size: 29KB

.data
Size: 137KB - Virtual size: 136KB

.rsrc
Size: 8KB - Virtual size: 7KB