bd2e0c726a3f957617645ebe21acbd0ec78cec240a29eab0ddde648bc907d81c

Sharing

Copy URL

Twitter E-mail

General

Target

bd2e0c726a3f957617645ebe21acbd0ec78cec240a29eab0ddde648bc907d81c
Size

441KB
MD5

d2bb5408060a3210c4e69c5597b5be09
SHA1

4dd9465452e7f9c84ef88865df351f6c8a2b3a20
SHA256

bd2e0c726a3f957617645ebe21acbd0ec78cec240a29eab0ddde648bc907d81c
SHA512

c3c53c8b91f179504b2b83599ec558775141661b7d5c084d0428eb5957dcdc82b3fb24a4e3cdc4d831e0d66dc0e9144c78049792cb918cc56870852a61a0e49c
SSDEEP

12288:SNMXWyQYKaYcRb0Te3rjzpcloLpLJYNM6jTJS0H:hGaKHo0OjzfdLqlXZ

Score

N/A

Malware Config

Signatures

Files

bd2e0c726a3f957617645ebe21acbd0ec78cec240a29eab0ddde648bc907d81c
.exe windows x86

9ce941a1a3ef1dbed4be2ad1e47b722e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameA
PrintDlgA
GetFileTitleW

user32

GetWindowTextW

advapi32

RegDeleteKeyA
RegQueryMultipleValuesA
RegOpenKeyExW
CryptSignHashA
RegDeleteValueW
LookupAccountNameW
RegSaveKeyA
DuplicateToken
CryptDuplicateKey
CryptDuplicateHash
CryptExportKey
CryptHashData
RegCloseKey
CryptContextAddRef
RegNotifyChangeKeyValue

gdi32

SetTextAlign
CreateSolidBrush
UpdateICMRegKeyA
AnimatePalette
ColorMatchToTarget
GetICMProfileA
CreateEnhMetaFileA
DeleteColorSpace
AbortDoc
GetMetaFileA
GetWindowOrgEx
GetWorldTransform
GetPolyFillMode

kernel32

HeapSize
DebugBreak
lstrlenA
GetConsoleOutputCP
GetConsoleMode
FreeLibrary
GetExitCodeProcess
GetModuleFileNameW
TlsGetValue
GetStdHandle
GetCurrentProcess
HeapFree
SetEnvironmentVariableA
SetHandleCount
IsBadReadPtr
GetCommandLineW
InterlockedDecrement
IsDebuggerPresent
InterlockedIncrement
VirtualFree
GetFileAttributesA
WriteConsoleW
GetEnvironmentStringsW
CompareStringW
CloseHandle
IsValidLocale
GetConsoleCP
HeapValidate
LCMapStringW
SetFilePointer
GetLastError
WideCharToMultiByte
GetProcAddress
Sleep
GetACP
GetStringTypeA
InterlockedExchange
GetModuleHandleW
GetStartupInfoA
GetLocaleInfoA
TlsSetValue
OutputDebugStringA
GetFileType
GetCPInfo
GetDateFormatA
GetCurrentThread
QueryPerformanceCounter
ExitProcess
GetOEMCP
DeleteCriticalSection
GetTimeFormatA
SetUnhandledExceptionFilter
TlsFree
VirtualQuery
LoadLibraryA
GetCurrentThreadId
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetProcessHeap
GetSystemTimeAsFileTime
GetTickCount
SetStdHandle
GetLocaleInfoW
SetConsoleCtrlHandler
HeapDestroy
HeapReAlloc
LeaveCriticalSection
TerminateProcess
HeapAlloc
IsValidCodePage
SetLastError
EnumSystemLocalesA
UnhandledExceptionFilter
HeapCreate
WriteConsoleA
GetModuleFileNameA
EnterCriticalSection
GetStartupInfoW
GetUserDefaultLCID
GetTimeZoneInformation
WriteFile
FreeEnvironmentStringsW
OutputDebugStringW
MultiByteToWideChar
GetCurrentProcessId
LCMapStringA
CompareStringA
CreateFileA
FlushFileBuffers
GetStringTypeW
SetConsoleTextAttribute
RtlUnwind
LoadLibraryW
RaiseException
CommConfigDialogA
TlsAlloc

Sections

.text
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ce941a1a3ef1dbed4be2ad1e47b722e

Headers

File Characteristics

Imports

comdlg32

user32

advapi32

gdi32

kernel32

Sections

.text Size: 251KB - Virtual size: 250KB

.data Size: 177KB - Virtual size: 176KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 251KB - Virtual size: 250KB

.data
Size: 177KB - Virtual size: 176KB

.rsrc
Size: 12KB - Virtual size: 11KB