b8ae82082996d2626697be2bfcd3d1bb0fdb26341ec79d89c140b2165df0703e

Sharing

Copy URL Twitter E-mail

General

Target

b8ae82082996d2626697be2bfcd3d1bb0fdb26341ec79d89c140b2165df0703e
Size

288KB
MD5

4cdbf8a76a1c2c7eea645c1be89dd500
SHA1

3f9dc13339f70a412d585d800667a83748d97e9d
SHA256

b8ae82082996d2626697be2bfcd3d1bb0fdb26341ec79d89c140b2165df0703e
SHA512

dcd4c54c190a3ce9b79c73cf7536a45446ccc2d48d339c4b81f81d2640c204216982c78c9f61e4e8ec19230099ca9259315ba0c6e6cc98b5d7b420c587d262d7
SSDEEP

6144:VZu7Hb3Vq7eYmbtUwNxmZRFULUL+xUgeGq:V83VqyGWGRmsgw

Score

N/A

Malware Config

Signatures

Files

b8ae82082996d2626697be2bfcd3d1bb0fdb26341ec79d89c140b2165df0703e
.exe windows x86

2031aca163672bb32bbdcddbe3fa5cb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
IsBadWritePtr
GlobalAddAtomA
PeekNamedPipe
VirtualAlloc
GetBinaryTypeA
ExpandEnvironmentStringsW
ClearCommBreak
GetStringTypeExW
GetProcessTimes
FindCloseChangeNotification
GetCurrentProcessId
lstrcmpiA
WriteConsoleOutputCharacterA
PurgeComm
SetProcessShutdownParameters
ReadFile
VirtualQuery
GetFileAttributesExA
GetCommandLineW
GetCommConfig
GetProcessHeap
SetEnvironmentVariableA
SetProcessWorkingSetSize
GetUserDefaultLangID
GetConsoleMode
GetStartupInfoA
WritePrivateProfileSectionW
EnumSystemCodePagesA
GetUserDefaultLCID
GetCommModemStatus
FreeResource
MoveFileExA
LCMapStringA
GetOEMCP
GetThreadContext
GetTempPathW
FreeLibrary
RemoveDirectoryW
SearchPathW
GetModuleFileNameW
WritePrivateProfileStructA
DeleteFiber
GetDiskFreeSpaceW
IsBadStringPtrA
GetDateFormatA
CreateMutexW
OpenMutexA
GetNumberFormatW
EnumTimeFormatsW
GetTempFileNameA
VirtualLock
GetVersionExA
VirtualProtect
SetNamedPipeHandleState
SetVolumeLabelA
GetPrivateProfileSectionW
FileTimeToLocalFileTime
CreateMutexA
SetCurrentDirectoryA
_llseek
FreeLibraryAndExitThread
_hread
UnhandledExceptionFilter
IsProcessorFeaturePresent
FormatMessageA
InitializeCriticalSection
ReadFileScatter
IsBadReadPtr
GlobalFindAtomA
LoadResource
WritePrivateProfileSectionA
lstrcmpiW
GetComputerNameW
VirtualAllocEx
GetSystemDefaultLangID
GetModuleHandleA
SystemTimeToFileTime
lstrlenA

user32

LoadMenuIndirectA
OemKeyScan
IsRectEmpty
CharLowerBuffA
TrackPopupMenu
SetParent
RemoveMenu
GetDesktopWindow
LoadCursorW
EnumDisplaySettingsExW
ShowOwnedPopups
CreateDialogParamW
MapVirtualKeyExW
GetMenuInfo
LoadMenuA
DispatchMessageA
GetActiveWindow
ExitWindowsEx
GetClipboardFormatNameW
RegisterClassExW
CreateAcceleratorTableW
ClipCursor
SetClassLongW
SetWindowsHookW
ModifyMenuA
CharLowerA
InSendMessage
GetCaretBlinkTime
MessageBoxW
SetUserObjectInformationW
GetKeyState
DefDlgProcA
SetScrollRange
SetMenu
SetCapture
CharUpperW
GetWindowThreadProcessId
GetMenuState
CloseWindow
GetWindowRgn
GetAsyncKeyState
DeferWindowPos
EmptyClipboard
GetWindowPlacement
RegisterDeviceNotificationA
GetClassInfoW
IsDialogMessageW
GetCaretPos
DefMDIChildProcW
CharToOemA
IsCharAlphaW
WinHelpA
MsgWaitForMultipleObjects
MessageBoxA
LoadBitmapW
SetWindowTextW
DefMDIChildProcA
UnregisterClassW

gdi32

PtInRegion
PtVisible
StrokePath

advapi32

SetFileSecurityA
AbortSystemShutdownA
NotifyBootConfigStatus
RegDeleteValueW
CryptAcquireContextW
CryptDeriveKey
RegSetValueExA
CryptAcquireContextA
CryptSetHashParam
RegCreateKeyW
OpenEventLogW
GetServiceKeyNameW
SetSecurityDescriptorGroup
GetTokenInformation
RegEnumKeyA
GetSecurityDescriptorGroup
RegEnumValueW

shell32

SHGetSpecialFolderLocation

ole32

CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
OleQueryLinkFromData
OleSave
OleBuildVersion
WriteClassStg
OleLockRunning

oleaut32

SysStringLen
VariantChangeType
SafeArrayGetLBound
SafeArrayCreate
LoadTypeLibEx
SafeArrayUnaccessData
QueryPathOfRegTypeLi

comctl32

ImageList_Duplicate

shlwapi

PathRemoveFileSpecA
AssocQueryStringW
StrCmpNW
StrCmpNIW
PathUndecorateW

msvcrt

_adjust_fdiv
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2031aca163672bb32bbdcddbe3fa5cb8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

msvcrt

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 268KB - Virtual size: 265KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 268KB - Virtual size: 265KB