d0beeefdaa1e3e00e017c6191f4752ac658d3b4596c33c38d79a886e4d4653aa

Sharing

Copy URL Twitter E-mail

General

Target

d0beeefdaa1e3e00e017c6191f4752ac658d3b4596c33c38d79a886e4d4653aa
Size

824KB
MD5

686e62604fe0921872f92dc5cab5f926
SHA1

7421a53a87146f4208fc167826524eeb67a4117b
SHA256

d0beeefdaa1e3e00e017c6191f4752ac658d3b4596c33c38d79a886e4d4653aa
SHA512

bb7c71c47ba98e6c6da0495a31f7fba2bc9e6f72a88522605a4c80bd977fc7a75a472f1e229838a3c815091bbb28921f0230b14fadfaf94eb744590439d2f6ea
SSDEEP

12288:mqKrFEoBRgke52zqDhY3nyJR826610ULRqlJyieqTwQpJMaqTSm3USsPr:eb/fe52+ky365UYlJhzTFALMSor

Score

N/A

Malware Config

Signatures

Files

d0beeefdaa1e3e00e017c6191f4752ac658d3b4596c33c38d79a886e4d4653aa
.exe windows x86

929e4c58ec677ca5b76bb2dec433119a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
HeapFree
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
SetUnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
LoadLibraryA
InterlockedExchange
VirtualQuery
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
SetFilePointer
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetSystemTimeAsFileTime
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
VirtualProtect
GetSystemInfo
FlushFileBuffers
GetLocaleInfoW
CloseHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeLibrary
CreateFileA
FindNextFileA
FindFirstFileA
FindClose
ReadFile
GetFileSize
SetEndOfFile
GetLocalTime
IsDBCSLeadByte
FreeConsole
AllocConsole
WriteConsoleA
SetEvent
Sleep
ResetEvent
CreateEventA
QueryPerformanceFrequency
WaitForSingleObject
InterlockedDecrement
GlobalFree
GlobalAlloc
InterlockedIncrement
GetVersion
LocalFree
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
HeapAlloc
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RaiseException
RtlUnwind
ExitProcess
ExitThread
GetTickCount
DeleteCriticalSection
IsValidCodePage
InitializeCriticalSection
CreateThread

gdi32

CreateFontIndirectA
SelectObject
SetTextColor
CreateCompatibleDC
SetBkMode
DeleteDC
GetObjectA
CreateDIBSection
GetTextMetricsA
GetGlyphOutlineA
SetDIBitsToDevice
DeleteObject
SetMapMode
CreateRoundRectRgn
SetBkColor

shell32

ShellExecuteA

user32

GetCursorPos
ScreenToClient
SetCapture
SetFocus
UpdateWindow
DestroyWindow
EndPaint
BeginPaint
TranslateMessage
GetParent
GetCursor
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
GetSystemMetrics
IsWindowUnicode
GetClientRect
GetProcessWindowStation
ReleaseCapture
IsRectEmpty
IntersectRect
wsprintfA
PostMessageA
PeekMessageA
DispatchMessageA
SetRect
OffsetRect
DrawTextA
PtInRect
MessageBoxA
SetTimer
SetWindowRgn
PostQuitMessage
KillTimer
SystemParametersInfoA
WindowFromPoint
MapWindowPoints
DefWindowProcA
IsWindowVisible
GetWindowLongA
AdjustWindowRectEx
CopyRect
SetRectEmpty
CharPrevA
CharNextA
GetDesktopWindow
GetDC
ReleaseDC
UnionRect
IsWindow
SetCursor
ShowWindow
GetUserObjectInformationW
SetWindowPos

advapi32

RegisterEventSourceA
DeregisterEventSource
ReportEventA

ole32

CoCreateInstance
OleUninitialize
OleInitialize
CoTaskMemAlloc

oleaut32

SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VariantClear
SysFreeString
SysAllocString
SafeArrayGetLBound
SafeArrayGetUBound

Sections

.text
Size: 548KB - Virtual size: 544KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

929e4c58ec677ca5b76bb2dec433119a

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 548KB - Virtual size: 544KB

.rdata Size: 116KB - Virtual size: 114KB

.data Size: 44KB - Virtual size: 70KB

.rsrc Size: 112KB - Virtual size: 109KB

.text
Size: 548KB - Virtual size: 544KB

.rdata
Size: 116KB - Virtual size: 114KB

.data
Size: 44KB - Virtual size: 70KB

.rsrc
Size: 112KB - Virtual size: 109KB