bb5c1cb7f45e82d01348b8729a139afb90e9066fcf3bb7559487182740039c84

Sharing

Copy URL Twitter E-mail

General

Target

bb5c1cb7f45e82d01348b8729a139afb90e9066fcf3bb7559487182740039c84
Size

169KB
MD5

69b652883bba282ff9685bdc6a72429a
SHA1

bb8d8ed3d89faf23bc2b3ce22c6ed186e337046c
SHA256

bb5c1cb7f45e82d01348b8729a139afb90e9066fcf3bb7559487182740039c84
SHA512

e697371cdb72a6af61e8deaea017d8ed01bc16e83b009bc935cedda90c560e24450279c611387f52d809153d148a1d12e2a95d9b42e6c957c3a252ef6d76ceb4
SSDEEP

3072:USCiUFcZZ57Lvh6eSyjHi6jsgUsNiiyPTSI9DiAlcBJnjA2Z3vETfoS4XQ9:5LZZ57bE9yzFjsHsLwmIpi8eA25sfopX

Score

N/A

Malware Config

Signatures

Files

bb5c1cb7f45e82d01348b8729a139afb90e9066fcf3bb7559487182740039c84
.exe windows x86

d1ae6aa314a341ba200adf267e9e1c74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
GetWindowsDirectoryA
OpenProcess
MulDiv
GetConsoleAliasesW
LockResource
GetPrivateProfileSectionW
GetModuleFileNameW
GetFullPathNameW
FreeLibrary
MoveFileA
GetDriveTypeW
IsBadReadPtr
GetCompressedFileSizeW
CreateProcessA
WritePrivateProfileStringW
CreateWaitableTimerW
lstrcpynA
GetUserDefaultLCID
AddConsoleAliasW
GetDriveTypeA
GetFileAttributesA
SetConsoleMode
ReleaseSemaphore
GetProcAddress
CreateFileMappingW
LocalFileTimeToFileTime

user32

GetClipboardOwner
ValidateRect
GetDlgCtrlID
GetKeyboardLayout
IsCharAlphaNumericW
IsWindowEnabled
DefDlgProcW
DdeDisconnectList
GetTopWindow
GetMessageW
DdeQueryStringW
FindWindowExA
RegisterClipboardFormatW
IsWindowUnicode
OpenIcon
GetUserObjectInformationA
CharNextA
ImpersonateDdeClientWindow
RegisterDeviceNotificationA
DeferWindowPos
DefMDIChildProcW
ShowWindow
DrawStateW
RegisterClassExW
SetDlgItemInt
ChildWindowFromPointEx
CreateDialogParamA
InternalGetWindowText

ntdll

_aulldiv
_allshl
_allmul

Exports

Exports

?PuntabutUnbeUlnasextApodSofaah@@YGEUYuchvanal@@PCN@Z

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gnuum
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Fundid
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Lunt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Wind
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Locohe
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Crocbi
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Tolaam
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Brione
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Wyleum
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Mare
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Yeukki
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fopid
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.More
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oxyde
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.errab
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Yaffti
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vauna
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fabar
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didop
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Haha
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Qophjo
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fanuh
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pedan
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Burr
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ampel
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vatoi
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.migba
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.salow
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Loss
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Glia
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eveom
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d1ae6aa314a341ba200adf267e9e1c74

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ntdll

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 50KB

.gnuum Size: 1KB - Virtual size: 1KB

.Fundid Size: - Virtual size: 4KB

.Lunt Size: 4KB - Virtual size: 4KB

.Wind Size: 4KB - Virtual size: 4KB

.Locohe Size: 2KB - Virtual size: 2KB

.Crocbi Size: 3KB - Virtual size: 3KB

.Tolaam Size: 3KB - Virtual size: 3KB

.Brione Size: 4KB - Virtual size: 4KB

.Wyleum Size: 2KB - Virtual size: 2KB

.Mare Size: 2KB - Virtual size: 2KB

.Yeukki Size: 3KB - Virtual size: 3KB

.fopid Size: 5KB - Virtual size: 5KB

.More Size: 2KB - Virtual size: 2KB

.oxyde Size: - Virtual size: 4KB

.errab Size: 4KB - Virtual size: 4KB

.Yaffti Size: 6KB - Virtual size: 6KB

.vauna Size: 5KB - Virtual size: 5KB

.fabar Size: 1KB - Virtual size: 1KB

.didop Size: 7KB - Virtual size: 7KB

.Haha Size: 4KB - Virtual size: 4KB

.Qophjo Size: 2KB - Virtual size: 2KB

.fanuh Size: 5KB - Virtual size: 5KB

.pedan Size: 1KB - Virtual size: 1KB

.Burr Size: 6KB - Virtual size: 6KB

.ampel Size: 2KB - Virtual size: 2KB

.vatoi Size: 4KB - Virtual size: 4KB

.migba Size: 3KB - Virtual size: 3KB

.salow Size: 3KB - Virtual size: 3KB

.Loss Size: 6KB - Virtual size: 6KB

.Glia Size: 1KB - Virtual size: 1KB

.eveom Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.text
Size: 51KB - Virtual size: 50KB

.gnuum
Size: 1KB - Virtual size: 1KB

.Fundid
Size: - Virtual size: 4KB

.Lunt
Size: 4KB - Virtual size: 4KB

.Wind
Size: 4KB - Virtual size: 4KB

.Locohe
Size: 2KB - Virtual size: 2KB

.Crocbi
Size: 3KB - Virtual size: 3KB

.Tolaam
Size: 3KB - Virtual size: 3KB

.Brione
Size: 4KB - Virtual size: 4KB

.Wyleum
Size: 2KB - Virtual size: 2KB

.Mare
Size: 2KB - Virtual size: 2KB

.Yeukki
Size: 3KB - Virtual size: 3KB

.fopid
Size: 5KB - Virtual size: 5KB

.More
Size: 2KB - Virtual size: 2KB

.oxyde
Size: - Virtual size: 4KB

.errab
Size: 4KB - Virtual size: 4KB

.Yaffti
Size: 6KB - Virtual size: 6KB

.vauna
Size: 5KB - Virtual size: 5KB

.fabar
Size: 1KB - Virtual size: 1KB

.didop
Size: 7KB - Virtual size: 7KB

.Haha
Size: 4KB - Virtual size: 4KB

.Qophjo
Size: 2KB - Virtual size: 2KB

.fanuh
Size: 5KB - Virtual size: 5KB

.pedan
Size: 1KB - Virtual size: 1KB

.Burr
Size: 6KB - Virtual size: 6KB

.ampel
Size: 2KB - Virtual size: 2KB

.vatoi
Size: 4KB - Virtual size: 4KB

.migba
Size: 3KB - Virtual size: 3KB

.salow
Size: 3KB - Virtual size: 3KB

.Loss
Size: 6KB - Virtual size: 6KB

.Glia
Size: 1KB - Virtual size: 1KB

.eveom
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB