bd24df2c3cfcb445aafa834a549e5f340f9887b44a27a4c345c602c11d0442e9

Sharing

Copy URL Twitter E-mail

General

Target

bd24df2c3cfcb445aafa834a549e5f340f9887b44a27a4c345c602c11d0442e9
Size

232KB
MD5

c4f1056441dd68dc7d0b498dc40c7fb6
SHA1

9faf7ef80c7f499c0c0785e6324d0d352dc3ce89
SHA256

bd24df2c3cfcb445aafa834a549e5f340f9887b44a27a4c345c602c11d0442e9
SHA512

88a46fa76d029dbf85c9dd212634f81517f1030df68610f00535bf1fa6c823cc432ef419a1f7397910cd5062b342cccb4d5f2e98eb18f050dd8fd516af6b9130
SSDEEP

6144:bwdochMJkxvcko9jt/0ibbzVsybhGHeqJfXjc7Gr9r9Py:ohokOkoJtZbfVxbhOeqlzcKr95

Score

N/A

Malware Config

Signatures

Files

bd24df2c3cfcb445aafa834a549e5f340f9887b44a27a4c345c602c11d0442e9
.exe windows x86

bf53e7952bf99579bd645e16bc7f34bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyA
RegCreateKeyA
LookupPrivilegeDisplayNameA
CryptAcquireContextA
ReportEventA
CryptDecrypt
CryptDestroyKey
DuplicateToken
RegSetValueA
CryptReleaseContext

gdi32

SetTextCharacterExtra
GetKerningPairsA
SetICMMode
UnrealizeObject
GetGlyphOutlineA
CreateColorSpaceA
CreatePolygonRgn
SetMagicColors

comdlg32

PrintDlgA
FindTextA
PageSetupDlgW
ChooseColorA
ChooseFontA
ChooseFontW
GetOpenFileNameA
ReplaceTextW
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
GetFileTitleA
ReplaceTextA
FindTextW
PageSetupDlgA
GetFileTitleW
ChooseColorW

user32

GrayStringA
CreateMDIWindowW
GetCursor
GetWindowTextLengthW
SetFocus
GetWindowModuleFileNameA
GetUserObjectInformationA
EndPaint

kernel32

GetLocalTime
TerminateProcess
GlobalSize
RtlUnwind
VirtualAllocEx
IsBadWritePtr
UnmapViewOfFile
GetLastError
LoadLibraryA
DeleteCriticalSection
FreeEnvironmentStringsW
VirtualFree
SetHandleCount
WriteFile
InitializeCriticalSection
VirtualProtect
GetStartupInfoA
SetLastError
GetCurrentThread
HeapReAlloc
ExitProcess
CompareFileTime
GetEnvironmentStringsA
GetCurrentProcessId
FlushViewOfFile
GetModuleFileNameA
GetVersion
HeapCreate
QueryPerformanceCounter
ResumeThread
WriteProfileSectionA
GetStartupInfoW
UnhandledExceptionFilter
GetCurrentThreadId
GetProcAddress
EnterCriticalSection
GetFileType
EnumSystemCodePagesW
FreeLibrary
SetVolumeLabelW
GetModuleFileNameW
GetTickCount
GetCommandLineA
GetThreadPriority
ReadConsoleOutputAttribute
SetUnhandledExceptionFilter
GetStdHandle
TlsAlloc
GetModuleHandleA
CommConfigDialogA
LeaveCriticalSection
TlsFree
TlsSetValue
VirtualQuery
TlsGetValue
VirtualAlloc
GetEnvironmentStringsW
GetEnvironmentStrings
GetCurrentProcess
CreateNamedPipeA
HeapAlloc
InterlockedExchange
GetCommandLineW
MultiByteToWideChar
SetConsoleScreenBufferSize
GetSystemTimeAsFileTime
HeapFree
HeapDestroy
RtlZeroMemory
FreeEnvironmentStringsA
MoveFileExW

shell32

SHFormatDrive
ExtractIconEx
ShellExecuteEx
ShellExecuteW
SHFreeNameMappings
DragQueryFileW
DragQueryPoint
SHLoadInProc
SHQueryRecycleBinA
InternalExtractIconListW
SHGetDesktopFolder
SHAddToRecentDocs
SHInvokePrinterCommandA
SHGetMalloc
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDList
SheGetDirA
ExtractIconA
SHEmptyRecycleBinW
ShellAboutA
SHFileOperationW
SHGetSpecialFolderPathA
RealShellExecuteA
SHGetPathFromIDListA

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf53e7952bf99579bd645e16bc7f34bd

Headers

File Characteristics

Imports

advapi32

gdi32

comdlg32

user32

kernel32

shell32

Sections

.text Size: 90KB - Virtual size: 89KB

.data Size: 129KB - Virtual size: 140KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 90KB - Virtual size: 89KB

.data
Size: 129KB - Virtual size: 140KB

.rsrc
Size: 12KB - Virtual size: 11KB