0e34c0fc9cacfbfdd8997e2609c6a331b9372e8398dfc4c351d049bae889456c

Sharing

Copy URL Twitter E-mail

General

Target

0e34c0fc9cacfbfdd8997e2609c6a331b9372e8398dfc4c351d049bae889456c
Size

118KB
MD5

433dd0d35a5ee84825ee32c6b3a95be0
SHA1

a635673ff51639554fcca0c8c3d6fa3b8df3119e
SHA256

0e34c0fc9cacfbfdd8997e2609c6a331b9372e8398dfc4c351d049bae889456c
SHA512

43a081878d384fa7bc208768aed26c71268ecc1dc132772454b68266916284acec9cbd11c2027c50a932789292f6388ec2b725a480b6c9b603f9ed8f0dc1c91c
SSDEEP

3072:FVbDje3utzWCx+np/l+gewsOY/6uLJwcWeNbeuRxs7to:b63utz9x+pcvDiex

Score

N/A

Malware Config

Signatures

Files

0e34c0fc9cacfbfdd8997e2609c6a331b9372e8398dfc4c351d049bae889456c
.exe windows x86

bddd2d93ee8fb16484a19e60acfcc23b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
FindResourceW
GetOEMCP
LockResource
FlushFileBuffers
SetStdHandle
LoadResource
GetACP
Sleep
GetFileAttributesW
CreateProcessW
WideCharToMultiByte
HeapFree
RtlUnwind
RaiseException
ExitProcess
GetModuleHandleA
GetStartupInfoW
GetVersionExA
LCMapStringA
MultiByteToWideChar
GetLastError
LCMapStringW
GetCPInfo
HeapAlloc
GetProcAddress
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
WriteFile
GetStdHandle
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
GetStringTypeA
GetStringTypeW
HeapSize
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
InterlockedExchange
SetFilePointer
GetExitCodeProcess
WaitForSingleObject
CloseHandle

user32

DdeDisconnect
DdeUninitialize
DdeCreateDataHandle
DdeInitializeW
DdeCreateStringHandleA
DdeConnect
DdeGetLastError
DdeFreeStringHandle
DdeClientTransaction

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

CommandLineToArgvW

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bddd2d93ee8fb16484a19e60acfcc23b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 68KB - Virtual size: 72KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 68KB - Virtual size: 72KB