bab09d87f765477c0fa2d28ca9f5b279284a5c63dba1393c02968663fac5c789

Sharing

Copy URL

Twitter E-mail

General

Target

bab09d87f765477c0fa2d28ca9f5b279284a5c63dba1393c02968663fac5c789
Size

96KB
MD5

6cb39e24b2ba8cf614d8df0b11e23580
SHA1

5d3163bfb0c1bb5f01b302a43dba4faa91df5325
SHA256

bab09d87f765477c0fa2d28ca9f5b279284a5c63dba1393c02968663fac5c789
SHA512

8c7ff55e7507652a92c5e2e5a64f5c73ea91d6c9e2a9cdd846f279cba9153fee904f0d8d6c3257097e3e3b1ef46026015fd10cecf5042fc2f4c2a3d3ae7e3198
SSDEEP

1536:VZllJv8z3JhhE4iKRqk9Vu6QbXpaPcmkQzNV13vhXvaeMuVQMihmQ0sQfWlTyU1:V/lO7hE4iYqUPciX1JXhMuSMiUdsQfAZ

Score

N/A

Malware Config

Signatures

Files

bab09d87f765477c0fa2d28ca9f5b279284a5c63dba1393c02968663fac5c789
.exe windows x86

5fecb540da0ef2972eeb73bfc14ae919

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_flushall
_tempnam
_pclose
fflush
_popen
fopen
fread
rand
srand
fwrite
_time64
fclose
fseek

ole32

CoAllowSetForegroundWindow
CoCreateInstance
CoUninitialize
StringFromCLSID
CLSIDFromString
CoTaskMemFree
IIDFromString
CoTaskMemAlloc
CoInitializeEx

kernel32

ClearCommBreak
GetThreadSelectorEntry
GetBinaryTypeW
ClearCommError
GetModuleHandleW
PostQueuedCompletionStatus
VirtualProtect
CloseHandle
TryEnterCriticalSection
SystemTimeToFileTime
HeapFree
InitializeCriticalSection
WideCharToMultiByte
HeapCreate
FileTimeToSystemTime
SetThreadPriority
LCMapStringA
InterlockedExchange
IsBadHugeWritePtr
GlobalFree
GlobalHandle
DeleteCriticalSection
CreateWaitableTimerA
LocalAlloc
GetProcAddress
FreeLibrary
GetLastError
GetShortPathNameW
RaiseException
LoadLibraryA

user32

LoadMenuW
SetRect
SetSysColors
TranslateMessage
GetDC
BeginPaint
DeleteMenu
GetMessageW
ChangeMenuW
TranslateAcceleratorW
EndPaint
MessageBoxA
ReleaseDC
GetWindowContextHelpId
GetMenuItemCount
GetKeyNameTextW
InsertMenuA
PaintDesktop
ModifyMenuA
CopyRect

gdi32

GetPixel
PaintRgn
GetCharWidthW
GetDeviceCaps
GetCurrentObject
GetCharWidthA
GetTextMetricsA
BitBlt
CancelDC
DeleteDC
StretchBlt
GetArcDirection
SetBkMode
DeleteObject
CreateCompatibleDC
SetStretchBltMode

advapi32

RegRestoreKeyA
RegQueryInfoKeyA
RegSaveKeyA
RegLoadKeyA
RegReplaceKeyA
RegSetKeySecurity
EncryptFileW

oleaut32

SafeArrayCopyData
SafeArrayDestroy
SafeArrayCreate
SystemTimeToVariantTime
SysFreeString
SysAllocString

Exports

Exports

_FindFolder@8
_ResetBinaryData@8
_SetScrollPosition@12
_WriteToFile@4

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fecb540da0ef2972eeb73bfc14ae919

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ole32

kernel32

user32

gdi32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 420B

.rsrc Size: 80KB - Virtual size: 79KB

.reloc Size: 1024B - Virtual size: 680B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 420B

.rsrc
Size: 80KB - Virtual size: 79KB

.reloc
Size: 1024B - Virtual size: 680B