7b95c9d02e15850cddf1d6b8268b1d7c1e783ad9d76a81f45af253d0210bf969

Sharing

Copy URL Twitter E-mail

General

Target

7b95c9d02e15850cddf1d6b8268b1d7c1e783ad9d76a81f45af253d0210bf969
Size

271KB
MD5

8864c14eac0330d320aea6d292fdb3a3
SHA1

14ba44221c8f3814a9ed248da60ce6b4d84667b7
SHA256

7b95c9d02e15850cddf1d6b8268b1d7c1e783ad9d76a81f45af253d0210bf969
SHA512

0762123cc51b0abddea94c9048fe0d49a1940c36635f87a981c1ae496906b3f798fb8fc8efffc9d097348c97e3795819f75760770c70fd02cce513ab25723720
SSDEEP

6144:mHrbCijuXnSQ2dJHFz0ApxobzMySKwo4oPLfhxj17Icj3heDIe+d:grDHB/yGToPLZjI+AUeu

Score

N/A

Malware Config

Signatures

Files

7b95c9d02e15850cddf1d6b8268b1d7c1e783ad9d76a81f45af253d0210bf969
.exe windows x86

baf7a67fe938efe765c98ae3794e755f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHInvokePrinterCommandA
DragQueryFileAorW
SHAppBarMessage
SHGetDesktopFolder
SHGetMalloc
DragQueryPoint
SHInvokePrinterCommandW
SHGetSettings
CheckEscapesW
DragQueryFileA
ExtractIconExW
ShellHookProc
SheChangeDirExW
SHLoadInProc
DragFinish
SHAddToRecentDocs
ShellExecuteExA
DoEnvironmentSubstA
SHGetFileInfoA
SHGetDiskFreeSpaceA
DoEnvironmentSubstW

user32

EnumClipboardFormats
GetScrollBarInfo
IsRectEmpty

wininet

InternetCreateUrlA
IsUrlCacheEntryExpiredA
InternetCreateUrlW
FtpRemoveDirectoryA
InternetCanonicalizeUrlA
SetUrlCacheEntryGroupA
FreeUrlCacheSpaceA
DeleteUrlCacheContainerW
SetUrlCacheConfigInfoW
InternetConfirmZoneCrossingW
InternetCloseHandle
GopherOpenFileA
FindCloseUrlCache
InternetSetCookieA
InternetFortezzaCommand
CreateUrlCacheGroup
InternetOpenUrlA
CreateUrlCacheContainerW
GetUrlCacheHeaderData
FindFirstUrlCacheContainerW
SetUrlCacheGroupAttributeW
LoadUrlCacheContent

comdlg32

ReplaceTextA

kernel32

SetLastError
GetModuleFileNameA
HeapFree
SetCurrentDirectoryA
LoadLibraryA
GetCurrentProcess
GetModuleFileNameW
GetCurrentThreadId
DeleteCriticalSection
InterlockedExchange
GetVersion
GetThreadPriorityBoost
GetProfileSectionW
ExitProcess
GetThreadTimes
FreeEnvironmentStringsW
QueryPerformanceCounter
IsBadWritePtr
GlobalDeleteAtom
VirtualFree
DeleteAtom
GetFileType
GetProcAddress
HeapReAlloc
TlsSetValue
GetStdHandle
InitializeCriticalSection
GetStartupInfoW
FreeEnvironmentStringsA
GetLastError
EnumResourceNamesW
HeapCreate
SystemTimeToTzSpecificLocalTime
WriteProfileSectionW
VirtualAlloc
WriteFile
TerminateProcess
GetLogicalDriveStringsA
GetStringTypeExA
FlushViewOfFile
CreatePipe
HeapDestroy
EnumDateFormatsExA
TlsGetValue
GlobalSize
SetLocaleInfoA
GetCurrentProcessId
GetModuleHandleA
GetCurrentThread
EnterCriticalSection
GetCommandLineW
TlsFree
GlobalReAlloc
RtlUnwind
MultiByteToWideChar
LeaveCriticalSection
ReadConsoleOutputAttribute
GetTickCount
GetEnvironmentStringsW
SetHandleCount
TlsAlloc
GetStartupInfoA
GlobalFix
VirtualQuery
EnumSystemLocalesA
GetEnvironmentStrings
UnhandledExceptionFilter
GetCommandLineA
GetSystemTimeAsFileTime
HeapAlloc

advapi32

CryptGetDefaultProviderA
RegDeleteValueA
CryptDestroyHash
RegDeleteKeyA
RegSaveKeyA
RegSetValueExW
RegQueryMultipleValuesA
RegFlushKey

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

baf7a67fe938efe765c98ae3794e755f

Headers

File Characteristics

Imports

shell32

user32

wininet

comdlg32

kernel32

advapi32

Sections

.text Size: 131KB - Virtual size: 131KB

.data Size: 132KB - Virtual size: 131KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 131KB - Virtual size: 131KB

.data
Size: 132KB - Virtual size: 131KB

.rsrc
Size: 6KB - Virtual size: 6KB