bdc9a302242eac9a83808ec7addaf6dfab1e61a6c0848ceaf683824b567233ee

General

Target

bdc9a302242eac9a83808ec7addaf6dfab1e61a6c0848ceaf683824b567233ee
Size

282KB
MD5

79e5a1f94d2ae9e66305df4ae4f05ff5
SHA1

7c2a235326d2d29981c6aeb560ca1ce6e7039dc1
SHA256

bdc9a302242eac9a83808ec7addaf6dfab1e61a6c0848ceaf683824b567233ee
SHA512

1042cd74b66dc9a9b267f8f44affc61fe329df39ed329a699c937640b0c1938ea6d7a87b8e72c2756b4f8699ac7e93956e049b82d5e953fd284f07db8cc074dc
SSDEEP

6144:ef8uYP75bQn80yB1r10t9x5yRlcCJc5CqrYgTOZOp8Co80n9QO:e0/E8XB1WDxc65BTuOan9z

Score

N/A

Malware Config

Signatures

Files

bdc9a302242eac9a83808ec7addaf6dfab1e61a6c0848ceaf683824b567233ee
.exe windows x86

8313dbd00109d71b42f666ced3ae667d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetModuleHandleA
GetTickCount
GetLastError
OpenMutexW
FindNextFileW
HeapReAlloc
GetCurrentThreadId
VirtualAlloc
GetAtomNameW
GetUserDefaultUILanguage
VirtualProtect
HeapFree
lstrcpynW
ReleaseMutex
GetSystemTimeAsFileTime
Sleep
FindClose
GlobalLock
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte

user32

GetWindowLongA
GetIconInfo
GetForegroundWindow
GetCursorPos
MsgWaitForMultipleObjects
GetDlgItem
ExitWindowsEx
CharLowerBuffA
GetClipboardData
ToUnicode
FindWindowExA
SetProcessWindowStation
LoadCursorA
DrawIcon
GetClassNameA
OpenDesktopA
CloseDesktop
GetWindowTextA
SendMessageA

advapi32

CryptHashData
CryptGetHashParam
CryptCreateHash
RegEnumKeyExA
CryptReleaseContext
CryptDestroyHash
RegQueryValueExA
DuplicateTokenEx
RegCreateKeyExA
RegCloseKey
CryptAcquireContextW

shlwapi

PathCombineW
wnsprintfW
PathRemoveFileSpecW
wnsprintfA
PathFindFileNameW
StrStrW
PathFileExistsW
SHDeleteKeyA
StrCmpNIW
wvnsprintfA
wvnsprintfW
PathMatchSpecW

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8313dbd00109d71b42f666ced3ae667d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 20KB