a11abb693288bbbba743284571389834a88f7ac5061fbbfc51038a9134e75d48

Sharing

Copy URL

Twitter E-mail

General

Target

a11abb693288bbbba743284571389834a88f7ac5061fbbfc51038a9134e75d48
Size

382KB
MD5

3f6b1ebbea212fb945b2f5c0fb864c91
SHA1

03b8f588a1dfb00eabcb602b177dc748931c3e56
SHA256

a11abb693288bbbba743284571389834a88f7ac5061fbbfc51038a9134e75d48
SHA512

f1b5c6a1e7274092dd6a67e463bc0e72aedfa3cbcfe63a462a43555f3b834e1dec6fb82e8703aee6d9f12ae68b7e37c88eea76762dfe1d292f9dd5d84e4b7176
SSDEEP

6144:lMTCKNrjaBXwdTpxBYX1b8vrx2i405RNk5vqAlskuOVqGte868+M/BViGdM:+TRa2NOX1bux2iTNkDlrpUaea+6TiqM

Score

N/A

Malware Config

Signatures

Files

a11abb693288bbbba743284571389834a88f7ac5061fbbfc51038a9134e75d48
.exe windows x86

b02fda8763fd5e5f347e8a6f3ad97784

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
LocalFree
GetLocaleInfoA
lstrlenW
lstrcpyW
lstrcatW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetLastError
InterlockedIncrement
InterlockedDecrement
GetLastError
GetCommandLineA
GetModuleHandleW
LockResource
LoadResource
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
lstrcmpW
GlobalLock
GetSystemWindowsDirectoryW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
SetErrorMode
GetCommandLineW
GetThreadLocale
GetPrivateProfileSectionW
GlobalUnlock
lstrcmpiW
HeapSetInformation
DisableThreadLibraryCalls
GetModuleHandleA
GetStartupInfoA
GlobalFree
VirtualProtect
GetProcAddress
GlobalAlloc

user32

LoadCursorW
CharNextW
SetCursor
LoadStringW

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoInitializeEx

rpcrt4

NdrDllUnregisterProxy
NdrCStdStubBuffer2_Release
NdrDllGetClassObject

msvcr71

_adjust_fdiv
__p__commode
__setusermatherr
__getmainargs
_controlfp
_onexit
__dllonexit
__set_app_type
_exit
_c_exit
memmove
_cexit
_except_handler3
_amsg_exit
free
_XcptFilter
atoi
memcpy
memset
_wcsicmp
_ismbblead
_vsnwprintf
swscanf
_initterm
_acmdln
exit
__p__fmode

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b02fda8763fd5e5f347e8a6f3ad97784

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

msvcr71

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 349KB - Virtual size: 349KB

.data Size: 4KB - Virtual size: 347KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 349KB - Virtual size: 349KB

.data
Size: 4KB - Virtual size: 347KB

.rsrc
Size: 1024B - Virtual size: 1024B