00b5b2930273b8c017a7da0c8050c2071ac993a4840d2792de192bce41351b62

General

Target

00b5b2930273b8c017a7da0c8050c2071ac993a4840d2792de192bce41351b62
Size

464KB
MD5

6ba4bcde9adf276215a19164e6908560
SHA1

7391cffb0bd19d4e035cc0e978c0da50ff74d4b7
SHA256

00b5b2930273b8c017a7da0c8050c2071ac993a4840d2792de192bce41351b62
SHA512

06daa16cc42f5d8322ac1123e3602c85a495c5dde895d2bb15d9235a71afad1e3a6bf6c7289b6651ebdbc5354f694b4ac52a8d8567ccfe282b5be1c301f8a8e4
SSDEEP

12288:inWVxlSfXMMURbP1+GTkJ5SCzzo9CMPooqs//gI:C6RbdL+5xXowMPL

Score

N/A

Malware Config

Signatures

Files

00b5b2930273b8c017a7da0c8050c2071ac993a4840d2792de192bce41351b62
.exe windows x86

5f5e9592940f1429ec053faed9ff6708

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls
CloseHandle
Sleep
MulDiv
GlobalAlloc
LoadLibraryW
LocalFree
LocalLock
LocalAlloc
GlobalFree
WaitForSingleObject
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
GetCurrentThreadId
GetCurrentProcessId
SetErrorMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
CreateFileW
DeviceIoControl
lstrlenW
lstrlenA
InterlockedExchange
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemInfo
VirtualProtect
GetCurrentProcess
GetCommandLineA
HeapSize
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
VirtualQuery
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetACP

user32

BringWindowToTop
PostThreadMessageW
DispatchMessageW
LoadStringW
GetDesktopWindow
FindWindowW

advapi32

RegQueryValueExW
RegCloseKey

ole32

PropVariantClear
CoTaskMemFree

Sections

.text
Size: 445KB - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f5e9592940f1429ec053faed9ff6708

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 445KB - Virtual size: 444KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 412KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 445KB - Virtual size: 444KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 412KB

.rsrc
Size: 8KB - Virtual size: 8KB