0b450c4c53b9baf124cf8349842a675cfedcee35d3e0c3d81b298a0b8de65fb2

Sharing

Copy URL Twitter E-mail

General

Target

0b450c4c53b9baf124cf8349842a675cfedcee35d3e0c3d81b298a0b8de65fb2
Size

132KB
MD5

41751dcb76614b1846a4a54c5109f32c
SHA1

b558554f047b1e443cb7d764d266d92715a08915
SHA256

0b450c4c53b9baf124cf8349842a675cfedcee35d3e0c3d81b298a0b8de65fb2
SHA512

aa56f7a7a123c27c9ad044d8d70eb207731d8c7dd255f3d6460a8f62ba6c4540d41a10cf1882d39b7071582bfac953d68d05d8571ce9aafe30d5cb1ac7f9ff96
SSDEEP

3072:noqeDjaGHLnKtZ9tg+1T/DJnoYNPuORDEBUlhcb:nUH0gKTHNmO9EBACb

Score

N/A

Malware Config

Signatures

Files

0b450c4c53b9baf124cf8349842a675cfedcee35d3e0c3d81b298a0b8de65fb2
.exe windows x86

6f67bed680ab51cd3d7afc50354fd269

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
GetModuleFileNameW
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedIncrement
lstrcmpA
FlushInstructionCache
GetCurrentProcess
GetModuleFileNameA
GetShortPathNameW
GetExitCodeProcess
WaitForSingleObject
OpenProcess
LocalFree
WriteFile
LocalAlloc
CreateFileA
SizeofResource
FindClose
FindFirstFileA
CreateDirectoryA
GetVersionExA
GetShortPathNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GlobalAlloc
GlobalLock
CreateProcessA
CloseHandle
lstrlenA
SetUnhandledExceptionFilter
RaiseException
SetFilePointer
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TerminateProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
HeapAlloc
HeapFree
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
DeleteCriticalSection
SetStdHandle
FlushFileBuffers
EnterCriticalSection
GlobalUnlock
LeaveCriticalSection
HeapDestroy
InitializeCriticalSection
DeleteFileA
InterlockedDecrement
GetCurrentThreadId
IsBadCodePtr

user32

ShowWindow
IsDialogMessageA
DispatchMessageA
PostQuitMessage
TranslateMessage
GetMessageA
PeekMessageA
DestroyWindow
MoveWindow
GetCursor
CreateWindowExA
wsprintfA
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
GetParent
GetClassNameA
RedrawWindow
IsWindow
BeginPaint
GetClientRect
FillRect
EndPaint
CallWindowProcA
GetDC
ReleaseDC
GetFocus
IsChild
SetFocus
GetSysColor
CreateDialogIndirectParamA
GetWindowTextLengthA
GetWindowTextA
GetWindow
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
LoadImageA
SendMessageA
SetWindowTextA
GetDlgItem
SystemParametersInfoA
SetWindowPos
GetSystemMetrics
GetWindowRect
InvalidateRect
GetWindowLongA
SetWindowLongA

gdi32

SelectObject
GetObjectA
GetStockObject
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
PatBlt

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
StringFromCLSID
OleLockRunning
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen
LoadRegTypeLi
VariantClear
OleCreateFontIndirect
SysFreeString
DispCallFunc
SysAllocString
SysStringLen

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetGetConnectedState

comctl32

ord17

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f67bed680ab51cd3d7afc50354fd269

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

wininet

comctl32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 16.0MB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 16.0MB

.rsrc
Size: 40KB - Virtual size: 39KB