bb12d43752bd6adb68bb54be7dde68ca[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

bb12d43752bd6adb68bb54be7dde68ca.exe
Size

136KB
MD5

bb12d43752bd6adb68bb54be7dde68ca
SHA1

399e2b11c5f97e089434745fa174af59b738e7ad
SHA256

c6685a4c01221444f60c02ca187f54343e15089fc7880a8551ccaa119f2532ad
SHA512

fb7b8ac09a721ea057b424cb855ba0cb3e8e2f710f2ea17ada89fd3843d9ddb7f0b03c615db60f05438f1ea720e73a97072fcf94ddc1c7ba45b6448e1a4fbfa1
SSDEEP

3072:CN7FVxVzbL02rXlwiIrClX1O6OhOqsY9WZYWmwdaX82X45iAKMaEUSDslGz0KHVR:CNxVjbLXDup2lXY6O0VYIOMjHH

Score

N/A

Malware Config

Signatures

Files

bb12d43752bd6adb68bb54be7dde68ca.exe
.exe windows x86

8dda9f5ba78fa54a76a17286e125457d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
GetStartupInfoA
QueryPerformanceCounter
Sleep
InterlockedExchange
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
LoadLibraryA
GlobalUnlock
GetLastError
GlobalLock
lstrlenA
GetModuleFileNameA
FindFirstFileA
GetFileAttributesA
FindNextFileA
FindClose
GetProcAddress
GetCurrentThreadId
CloseHandle
HeapAlloc
CreateFileA
LocalFree
LocalAlloc
GetTickCount
FreeLibrary
FormatMessageA
GetModuleHandleA
InterlockedCompareExchange
IsDebuggerPresent

user32

BeginPaint
GetClientRect
LoadMenuA
SystemParametersInfoA
DefWindowProcA
TrackPopupMenuEx
SetMenu
AppendMenuW
CreateMenu
ChangeDisplaySettingsA
PostQuitMessage
LoadCursorA
CloseClipboard
EnumDisplaySettingsA
GetWindowThreadProcessId
IsWindow
MoveWindow
GetWindowRect
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
ShowWindow
CreateAcceleratorTableA
MessageBoxA
SetCaretPos
SetScrollInfo
GetScrollInfo
GetCursorPos
SetClipboardViewer
ReleaseDC
GetDC
GetClipboardData
OpenClipboard
KillTimer
PtInRect
ScreenToClient
GetSysColor
FillRect
DrawTextA
EndPaint
GetDlgItem
LoadIconA
SendMessageA
GetWindowLongA
SetTimer
InvalidateRect
SetWindowTextA
CreateWindowExA
InsertMenuItemA

gdi32

SetMapMode
RestoreDC
CreateSolidBrush
SaveDC
GdiComment
PlayMetaFile
TextOutA
GetColorAdjustment
SetBkColor
GetStockObject
SelectObject
SetTextColor
GetObjectA
CreateFontIndirectA
DeleteObject
EnumFontsA

comdlg32

ChooseFontA

advapi32

InitializeSecurityDescriptor
SetEntriesInAclA
ConvertStringSecurityDescriptorToSecurityDescriptorA
AllocateAndInitializeSid

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

shlwapi

PathAppendA
PathRemoveFileSpecA

comctl32

InitCommonControlsEx
CreateStatusWindowW
ord17

pdh

PdhOpenQueryA
PdhAddCounterW
PdhCollectQueryData
PdhCloseQuery

uxtheme

OpenThemeData
DrawThemeBackground
CloseThemeData

msvcr90

__dllonexit
_unlock
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_lock
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
strlen
malloc
fopen
fseek
ftell
rewind
fread
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
_initterm
strtok
free
strcpy
strcat
strcmp
memset
memcpy
__iob_func
fprintf
abort
exit
??2@YAPAXI@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
__CxxFrameHandler3
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??0exception@std@@QAE@XZ

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relocat
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.engine
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dda9f5ba78fa54a76a17286e125457d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

msvcp90

shlwapi

comctl32

pdh

uxtheme

msvcr90

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 8KB - Virtual size: 9KB

.relocat Size: 1024B - Virtual size: 520B

.engine Size: 512B - Virtual size: 130B

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 8KB - Virtual size: 9KB

.relocat
Size: 1024B - Virtual size: 520B

.engine
Size: 512B - Virtual size: 130B

.rsrc
Size: 21KB - Virtual size: 20KB