b047da6ac343948975c2b73457165c3f88388703e954fc09749184be29bebb56

Sharing

Copy URL Twitter E-mail

General

Target

b047da6ac343948975c2b73457165c3f88388703e954fc09749184be29bebb56
Size

215KB
MD5

4ee374b9a122e337d68b6b4c85484c5f
SHA1

d190997350fb0ddc5e6cad1354b9c13c4ac94a0d
SHA256

b047da6ac343948975c2b73457165c3f88388703e954fc09749184be29bebb56
SHA512

b69b1e684dfe331b899aa0f8e25624de26b185887e92696704f6b54df7307a3184604ed4bf766b8a6761285a7ef55b68eb8fe0bde273d737feafacea06080855
SSDEEP

6144:xqBr6UCMN59QKWg+vy9wpBNZT6GzvC4VReXr89lf:xg652QKWg+vy63NZT6MvC4Leov

Score

N/A

Malware Config

Signatures

Files

b047da6ac343948975c2b73457165c3f88388703e954fc09749184be29bebb56
.exe windows x86

bce70df9932e464db6573d6b15c4b105

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
InitializeCriticalSection
MultiByteToWideChar
CompareStringW
GetTimeZoneInformation
FreeEnvironmentStringsW
HeapAlloc
LoadLibraryA
GetCommandLineW
UnhandledExceptionFilter
DeleteCriticalSection
GetEnvironmentVariableW
FreeEnvironmentStringsA
GetLastError
InterlockedExchange
TlsFree
GetEnvironmentStringsW
HeapCreate
HeapDestroy
EnterCriticalSection
WriteFile
GetOEMCP
HeapSize
GetStartupInfoA
CreateDirectoryExA
IsValidLocale
GetSystemInfo
GetVersionExA
GetProcAddress
GetCPInfo
GetUserDefaultLCID
HeapFree
CompareStringA
GetModuleFileNameW
GetCurrentThread
LCMapStringA
VirtualQuery
TlsSetValue
LCMapStringW
VirtualProtect
GetFileType
LeaveCriticalSection
GetCommandLineA
GetTimeFormatA
HeapReAlloc
TlsGetValue
ExitProcess
GetACP
EnumSystemLocalesA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
SetLastError
GetModuleHandleA
GetStringTypeA
SetEnvironmentVariableA
SetHandleCount
GetCurrentThreadId
WideCharToMultiByte
IsBadWritePtr
GetLocaleInfoW
GetStringTypeW
GetCurrentProcessId
GetModuleFileNameA
TlsAlloc
GetLocaleInfoA
lstrcatA
GetTickCount
IsValidCodePage
GetDateFormatA
GetStdHandle
GetSystemTimeAsFileTime
VirtualFree
RtlUnwind
GetStartupInfoW

wininet

InternetTimeToSystemTimeW
InternetAttemptConnect
SetUrlCacheGroupAttributeW
IncrementUrlCacheHeaderData
InternetSetDialStateA
InternetSetOptionA
UpdateUrlCacheContentPath
HttpOpenRequestW
InternetFindNextFileW
DeleteUrlCacheEntry
SetUrlCacheEntryGroupW
ResumeSuspendedDownload
InternetDialW
HttpSendRequestA
RunOnceUrlCache
FtpCreateDirectoryW
InternetWriteFile
InternetCloseHandle

gdi32

DescribePixelFormat
GetBitmapBits
DrawEscape
GetMetaFileW
CreatePen
ColorMatchToTarget
SetTextJustification
ResetDCA
DeleteEnhMetaFile
GetCharABCWidthsW
GetMetaRgn
GetLayout
RealizePalette
GetAspectRatioFilterEx
GetRegionData
GetWindowOrgEx
GdiGetBatchLimit
TextOutW
GetFontData
ExtTextOutW
SetICMProfileW
CreatePolygonRgn

advapi32

CryptDecrypt

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bce70df9932e464db6573d6b15c4b105

Headers

File Characteristics

Imports

kernel32

wininet

gdi32

advapi32

Sections

.text Size: 100KB - Virtual size: 100KB

.data Size: 110KB - Virtual size: 118KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 100KB - Virtual size: 100KB

.data
Size: 110KB - Virtual size: 118KB

.rsrc
Size: 3KB - Virtual size: 3KB