bb86e6aea82eeff3202a95aa980bd40f03d890d191f4913ecbde0c23b250e110

Sharing

Copy URL Twitter E-mail

General

Target

bb86e6aea82eeff3202a95aa980bd40f03d890d191f4913ecbde0c23b250e110
Size

83KB
MD5

6f3797048de390863ce9168c4e42d6c0
SHA1

e68bf9652014eb852c845604f4c2630494c1cf36
SHA256

bb86e6aea82eeff3202a95aa980bd40f03d890d191f4913ecbde0c23b250e110
SHA512

186018f0231b7ef5e87a45b025854fde0b05b9c299cd6e25f01d73d0ca82e7f526d1fe2864f05b40b22d0a7274fee1cb3cdc99c4656149737bca06b80bb10b21
SSDEEP

1536:m4a7RgtqAuOCAyTxEmRPMMX3iOX5JEZQqCqZwCahco4sY:m/atjTAPMMX3wQqr2CahcopY

Score

N/A

Malware Config

Signatures

Files

bb86e6aea82eeff3202a95aa980bd40f03d890d191f4913ecbde0c23b250e110
.exe windows x86

c0a78e305f5fdb74cde1860dcdaefdb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
lstrcmpiA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
CloseHandle
WriteFile
CreateFileA
GetTempPathA
GetTickCount
ExitThread
CreateThread
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedDecrement
GetLocaleInfoA
GetVersionExA
SetFileAttributesA
lstrlenA
lstrcatA
GetDriveTypeA
GetLogicalDriveStringsA
ExpandEnvironmentStringsA
GetCurrentDirectoryA
CreateMutexA
SetErrorMode
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LocalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
CopyFileA
GetLastError
Sleep
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
GetStringTypeW
LCMapStringW
LCMapStringA
WideCharToMultiByte
HeapSize
HeapReAlloc
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
GetEnvironmentStringsW
GetEnvironmentStrings
GetCurrentProcess
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
ReadFile
IsBadWritePtr
VirtualAlloc
MultiByteToWideChar
RtlUnwind
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
RaiseException
TerminateProcess
VirtualFree

user32

CloseClipboard
SetFocus
SetForegroundWindow
MessageBoxA
ShowWindow
keybd_event
OpenClipboard
EmptyClipboard
SetClipboardData
VkKeyScanA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString

ws2_32

WSAStartup
WSACleanup
closesocket
socket
htons
send
select
recv
gethostbyname
inet_addr
sendto
connect

urlmon

URLDownloadToFileA

shlwapi

PathRemoveFileSpecA

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c0a78e305f5fdb74cde1860dcdaefdb2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

ws2_32

urlmon

shlwapi

Sections

.text Size: 62KB - Virtual size: 61KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 14KB - Virtual size: 44KB

.text
Size: 62KB - Virtual size: 61KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 14KB - Virtual size: 44KB