bddf0da3b8260d814164a9a8dc80234c4cc878cc00f3c9b6d9400c36807ad5e8

Sharing

Copy URL Twitter E-mail

General

Target

bddf0da3b8260d814164a9a8dc80234c4cc878cc00f3c9b6d9400c36807ad5e8
Size

437KB
MD5

e722f8e368dd27ebabc0b97dbc712f34
SHA1

0b19983296d43d9114841c11bd81b5d7d784191a
SHA256

bddf0da3b8260d814164a9a8dc80234c4cc878cc00f3c9b6d9400c36807ad5e8
SHA512

697a956c124e68e69c5421cf31014cb7075e29e68a527616113d7f3f31efbb85c392cf2f43dedb5480162758bdbc03f4f23d1fd4ce3d8034285ee0c0f20685e4
SSDEEP

12288:qkAusUz+V+qrJ7pWu00xZT0YUyE4FoMdayrYxJYM:su/zyX7ku06N01yBFoMnrY/

Score

N/A

Malware Config

Signatures

Files

bddf0da3b8260d814164a9a8dc80234c4cc878cc00f3c9b6d9400c36807ad5e8
.exe windows x86

81d020c7be557e29248034637787a311

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyA
CryptReleaseContext
InitializeSecurityDescriptor
CryptDuplicateKey
RegEnumKeyW
CryptSetHashParam
CryptSetProviderW
RegDeleteKeyA
RegQueryValueW
LookupAccountNameW
RegRestoreKeyA
LookupPrivilegeNameW

shell32

SHGetSettings
ExtractIconEx
DragQueryFileW

kernel32

SetThreadIdealProcessor
MultiByteToWideChar
GetDateFormatA
GetLocaleInfoA
SetConsoleCtrlHandler
GetLastError
VirtualFree
TlsGetValue
GlobalFindAtomW
GetCurrentDirectoryA
FreeEnvironmentStringsA
GetEnvironmentStringsW
SetHandleCount
HeapReAlloc
GlobalGetAtomNameW
HeapCreate
QueryPerformanceCounter
InitializeCriticalSection
GetCurrentProcess
LoadLibraryA
GetCommandLineW
LoadLibraryExW
FreeEnvironmentStringsW
RtlUnwind
ReadFile
VirtualAlloc
GetUserDefaultLCID
lstrcmpiA
TlsAlloc
SetConsoleCP
CreateMutexW
CompareStringW
LCMapStringW
GetStringTypeA
HeapSize
GetACP
TerminateProcess
MapViewOfFile
GetEnvironmentVariableA
LCMapStringA
HeapDestroy
IsValidLocale
GetCurrentThread
GetEnvironmentStrings
IsValidCodePage
GetProcessHeap
EnumSystemLocalesA
TlsSetValue
GetStdHandle
GetOEMCP
VirtualQuery
UnmapViewOfFile
ExitProcess
WideCharToMultiByte
GetTimeZoneInformation
UnhandledExceptionFilter
GetLocaleInfoW
InterlockedIncrement
GetVersionExA
TlsFree
GetModuleHandleA
InterlockedExchange
OpenWaitableTimerA
SetUnhandledExceptionFilter
InterlockedDecrement
LeaveCriticalSection
GetModuleFileNameW
CreateMutexA
GetCommandLineA
GetStartupInfoW
SetEnvironmentVariableA
WriteFile
GetCurrentThreadId
GetStartupInfoA
GetTimeFormatA
OpenMutexA
HeapFree
FreeLibrary
FindAtomW
IsDebuggerPresent
GetCurrentProcessId
HeapAlloc
GetProcAddress
Sleep
GetModuleFileNameA
DeleteCriticalSection
CompareStringA
GetTickCount
GetStringTypeW
GetFileType
GetLongPathNameA
GetSystemTimeAsFileTime
EnterCriticalSection
SetLastError
SetComputerNameW
GetCPInfo

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81d020c7be557e29248034637787a311

Headers

File Characteristics

Imports

advapi32

shell32

kernel32

Sections

.text Size: 143KB - Virtual size: 142KB

.rdata Size: 8KB - Virtual size: 17KB

.data Size: 280KB - Virtual size: 280KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 143KB - Virtual size: 142KB

.rdata
Size: 8KB - Virtual size: 17KB

.data
Size: 280KB - Virtual size: 280KB

.rsrc
Size: 4KB - Virtual size: 4KB