2b985bf4a7a112387a8baebca261029bc8a7b658502a197106147e8baf0979e6

Sharing

Copy URL

Twitter E-mail

General

Target

2b985bf4a7a112387a8baebca261029bc8a7b658502a197106147e8baf0979e6
Size

42KB
MD5

124b16cc35a2edc5e0c9f46b3aaf9d48
SHA1

0eca35b117eaa81d42d9699a24ba6dcd313bd838
SHA256

2b985bf4a7a112387a8baebca261029bc8a7b658502a197106147e8baf0979e6
SHA512

ebfbe03909080f4cb7dbcea770fcfb3a7c34b4d9dd38f25311a82acad63443a67e1d28f6be1cd0132fe0a09e507eb9b62b672cce0fa0d55b2c9f57cfa70bb1e7
SSDEEP

192:A0vfiMQxgrsUj0C7+wcjRljC/T7IWymYHNJJPWa5n4zE3neZbgdvTUw8QmWzy:JuNoq/HjC/T7IaiPJ4zE3el0vTUxWzy

Score

N/A

Malware Config

Signatures

Files

2b985bf4a7a112387a8baebca261029bc8a7b658502a197106147e8baf0979e6
.exe windows x86

505fd1b724daeaada0c12692d51cb3c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
GetStartupInfoA
AreFileApisANSI
BeginUpdateResourceW
BuildCommDCBAndTimeoutsA
BuildCommDCBAndTimeoutsW
CloseHandle
CompareStringA
CompareStringW
CopyFileW
CreateDirectoryExW
CreateDirectoryW
CreateJobObjectW
CreateMailslotW
CreateSemaphoreW
CreateToolhelp32Snapshot
DefineDosDeviceA
DeleteVolumeMountPointA
DeviceIoControl
DuplicateHandle
EnumCalendarInfoExA
EnumCalendarInfoExW
EnumResourceLanguagesW
EnumResourceTypesW
EnumSystemCodePagesW
FatalAppExitA
FileTimeToLocalFileTime
FillConsoleOutputCharacterA
FindFirstFileExW
FindNextVolumeMountPointA
FindNextVolumeW
FindResourceExA
FlushFileBuffers
FoldStringA
FormatMessageW
GenerateConsoleCtrlEvent
GetAtomNameA
GetAtomNameW
GetCommMask
GetCompressedFileSizeW
GetConsoleCP
GetConsoleOutputCP
GetDiskFreeSpaceExA
GetExitCodeThread
GetFileAttributesA
GetLocalTime
GetLocaleInfoA
GetModuleHandleW
GetOEMCP
GetStdHandle
GetTapeStatus
GetThreadContext
GetTimeFormatW
GetVersionExA
GetWindowsDirectoryA
GlobalUnfix
HeapFree
IsBadCodePtr
IsDebuggerPresent
IsValidLanguageGroup
LoadLibraryExW
LocalLock
LocalShrink
MapViewOfFile
Module32FirstW
OpenEventA
OpenWaitableTimerA
Process32Next
PulseEvent
ReadConsoleA
ReadConsoleOutputCharacterA
ReadConsoleOutputW
RtlFillMemory
SearchPathW
SetCommTimeouts
SetComputerNameA
SetComputerNameExA
SetFileTime
SetInformationJobObject
SetLocalTime
SetSystemTimeAdjustment
SetTapeParameters
SetThreadExecutionState
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualFreeEx
VirtualLock
WritePrivateProfileSectionA
WriteProfileStringW
_llseek
lstrcpyA
lstrcpyn
lstrcpynW
lstrlen
GetNumberOfConsoleMouseButtons
ExitProcess

msvcrt

memset

user32

BroadcastSystemMessageW
CascadeChildWindows
CharLowerA
CharNextA
CharUpperA
CharUpperBuffW
ChildWindowFromPointEx
CloseClipboard
CloseWindow
CopyAcceleratorTableA
CopyImage
CountClipboardFormats
CreateIconIndirect
DdeConnectList
DdeEnableCallback
DeferWindowPos
DestroyMenu
DlgDirListA
DlgDirListComboBoxA
DlgDirListComboBoxW
DrawEdge
DrawFocusRect
DrawFrame
DrawStateA
DrawStateW
EmptyClipboard
EnumWindows
FindWindowExA
GetAltTabInfo
GetAncestor
GetCapture
GetCaretBlinkTime
GetClassInfoW
GetClassLongA
GetClipCursor
GetClipboardViewer
GetDialogBaseUnits
GetDlgItemInt
GetKeyboardLayoutNameW
GetLastActivePopup
GetMenuItemID
GetMenuItemRect
GetMenuStringW
GetMessageW
GetParent
GetProcessDefaultLayout
GetScrollRange
GetWindow
GrayStringA
HideCaret
HiliteMenuItem
IMPQueryIMEW
InsertMenuW
IsWindowVisible
KillTimer
LoadCursorFromFileW
LoadMenuIndirectW
LoadStringA
LockSetForegroundWindow
MenuItemFromPoint
MessageBoxIndirectA
OemToCharBuffW
PostMessageW
PostQuitMessage
PostThreadMessageW
RealGetWindowClass
RedrawWindow
RegisterClassW
RegisterDeviceNotificationA
RemoveMenu
ReplyMessage
SendDlgItemMessageW
SendMessageTimeoutA
SendNotifyMessageA
SendNotifyMessageW
SetDebugErrorLevel
SetDlgItemTextW
SetDoubleClickTime
SetMenuItemInfoA
SetParent
SetRectEmpty
SetUserObjectInformationA
SetUserObjectInformationW
SetWindowLongW
SetWindowWord
SetWindowsHookA
SetWindowsHookW
ShowScrollBar
SystemParametersInfoA
TabbedTextOutA
ToAsciiEx
TranslateAccelerator
UpdateLayeredWindow
WINNLSGetIMEHotkey
WindowFromPoint

advapi32

RegOpenKeyA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text6
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo7
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

505fd1b724daeaada0c12692d51cb3c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.text6 Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 96B

owtwo1 Size: 1024B - Virtual size: 1000B

owtwo2 Size: 4KB - Virtual size: 3KB

.owtwo3 Size: 4KB - Virtual size: 3KB

.owtwo4 Size: 4KB - Virtual size: 3KB

.owtwo5 Size: 4KB - Virtual size: 3KB

.owtwo6 Size: 4KB - Virtual size: 3KB

.owtwo7 Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 7KB - Virtual size: 7KB

.text6
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 96B

owtwo1
Size: 1024B - Virtual size: 1000B

owtwo2
Size: 4KB - Virtual size: 3KB

.owtwo3
Size: 4KB - Virtual size: 3KB

.owtwo4
Size: 4KB - Virtual size: 3KB

.owtwo5
Size: 4KB - Virtual size: 3KB

.owtwo6
Size: 4KB - Virtual size: 3KB

.owtwo7
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 16B