bcf47fc4837af3afacfcc61736033c1fecc0bb4e4d39d3a2106c287372a07339

Sharing

Copy URL Twitter E-mail

General

Target

bcf47fc4837af3afacfcc61736033c1fecc0bb4e4d39d3a2106c287372a07339
Size

1.2MB
MD5

4659c060837709d8938bd6db9dcecbef
SHA1

e5db43d971502d6dabdf869f6342f2cc990cd37a
SHA256

bcf47fc4837af3afacfcc61736033c1fecc0bb4e4d39d3a2106c287372a07339
SHA512

23154614c7b2ab8233ed9229f9502178877325a2f6e0310c55cbe8c789418e9b3c55a01cc4cea49201c87bf10fac0ab59850df6cec1dbc66cc8d16296fb1ed4c
SSDEEP

24576:B0JS2usFs4E0bEejqnlqrU8br2yNNVvYp1C6mf:BqusdieVR2moqf

Score

N/A

Malware Config

Signatures

Files

bcf47fc4837af3afacfcc61736033c1fecc0bb4e4d39d3a2106c287372a07339
.exe windows x86

150b30985a0ee271fd89ff05d9c73166

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

ILGetSize
SHUpdateRecycleBinIcon
SHGetMalloc
IsNetDrive
PathIsSlowA
SHBindToParent
ILCreateFromPathA
SHGetPathFromIDList
ShellAboutA
SHGetImageList
SHAppBarMessage
SHPropStgCreate
SHParseDisplayName
SHInvokePrinterCommandA
SHBrowseForFolder
RealShellExecuteA
SHEmptyRecycleBinA
ILGetNext
IsLFNDrive
SHEnableServiceObject
DllCanUnloadNow
ExtractAssociatedIconA
ShellExecuteExA
SHChangeNotification_Lock
ILIsParent
PifMgr_GetProperties
SHFree
SHCLSIDFromString
PifMgr_CloseProperties
SHGetDataFromIDListA
PifMgr_SetProperties
SHFileOperation
SHLimitInputEdit
SHGetFolderPathAndSubDirA
IsLFNDriveA
PrintersGetCommand_RunDLLA

user32

HideCaret
DialogBoxParamA
CreateWindowExA
PostQuitMessage
SendMessageA
WinHelpA
CheckDlgButton
EnableWindow
DestroyWindow
GetMessageA
ShowWindow
TranslateMessage
SetCursor
RegisterClassExA
GetWindowRect
DefWindowProcA
SystemParametersInfoA
UpdateWindow
InvalidateRect
DispatchMessageA

kernel32

InterlockedIncrement
OpenMutexA
HeapAlloc
WaitForMultipleObjects
SetFirmwareEnvironmentVariableA
ReleaseMutex
GetSystemTime
ReadFile
HeapReAlloc
SetFilePointer
CloseHandle
VerSetConditionMask
FreeEnvironmentStringsA
VirtualFree
InterlockedDecrement
HeapFree
GetLastError
GetCurrentThreadId
VirtualAlloc
GetEnvironmentStringsA
lstrcatA
InterlockedFlushSList
GetVersionExA
InitializeCriticalSection
CreateFileA
InterlockedExchangeAdd
CreateMutexA
GetFileAttributesExA
EnterCriticalSection
SystemTimeToFileTime
ExitProcess

Sections

.text
Size: 1004KB - Virtual size: 1004KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

150b30985a0ee271fd89ff05d9c73166

Headers

DLL Characteristics

File Characteristics

Imports

shell32

user32

kernel32

Sections

.text Size: 1004KB - Virtual size: 1004KB

.data Size: 160KB - Virtual size: 160KB

.rsrc Size: 24KB - Virtual size: 3.0MB

.text
Size: 1004KB - Virtual size: 1004KB

.data
Size: 160KB - Virtual size: 160KB

.rsrc
Size: 24KB - Virtual size: 3.0MB